Renewable energy company EDP Renewables notified its landowners of a ransomware attack that it suffered in the spring of 2020.

In a sample notification letter received by the Attorney General’s Office of Vermont, EDP Renewables informed its landowners that its information systems had suffered a ransomware attack on April 13, 2020.

EDP Renewables responded by launching an investigation into the incident. This effort revealed that those responsible for the attack had gained access to at least some of the information stored on the affected information systems.

The company had not found evidence that the attack had affected its landowners’ data, EDP Renewables explained in its letter. Even so, it noted that its information systems had stored some landowner information such as names and Social Security Numbers at the time of the incident.

Acknowledging this reality, the company decided to offer its landowners with a complementary year-long membership to Experian’s IdentityWorks identity protection services. It also urged landowners to consider taking additional safeguards against identity thieves by reviewing their account statements and by placing a security freeze on their credit reports.

In its notification letter, EDP Renewables did not name the strain of ransomware responsible for the attack. But the timeline of the ransomware infection coincided with an attack in which the Ragnar Locker crypto-malware family posted some information belonging to the renewable energy company on its data leaks website. Those responsible for the ransomware threatened to release the remainder of the 10TB that they had stolen from the company if they did not receive a ransom payment of 1,580 bitcoin (worth $11 million at the time of the attack).

The attack described above highlights the ongoing threat posed by ransomware. The level of risk is even higher for organizations that have both IT and OT footprints. Tripwire Vice President and (Read more...)