Big electric company loses all customers records and bills from the last 25 years after massive hack

The Delta-Montrose Electric Association (DMEA), the Colorado state electric power company, is trying to fully restore its systems after a cyberattack disrupted 90% of its operations and led to the loss of more than 25 years of information. In its latest update, the company mentioned that they will begin accepting service payments again through SmartHub and some business partners this December 6.

Apparently, the company began detecting unusual activity in early November, which eventually led to the collapse of most of its internal network. This attack severely impacted all of the company’s systems, in addition to crippling its payment systems, billing, and customer service tools.

The company believes that those responsible for the attack targeted specific sectors on its internal network, damaging thousands of documents, spreadsheets, forms and other files in the process, so some cybersecurity experts believe the attack is related to a ransomware variant.

After detecting the attack, DMEA began working with a cybersecurity firm to determine the scope of the incident and initiate the recovery process, which remains almost a month after the incident: “For now we are operating with limited functionality and are focused on completing our investigation and restoring services in the most efficient way, economical and safe possible,” the company’s alert states.

Although the company acknowledges that the damage is severe, they assure that no confidential records were compromised during the attack. Alyssa Clemsen Roberts, the company’s chief executive, points out that confidential data could be adequately safeguarded, preventing its arbitrary exposure: “This is not how we expected to close the year; I appreciate your patience, support and understanding as we continue to address this incident,” Roberts concluded.

This is an attack similar to the one that occurred at Colonial Pipeline in early 2021, which resulted in the compromise of confidential information and the interruption of gas distribution, generating chaos for multiple industries for a few days. However, the DMEA incident has not confirmed the intervention of encryption malware or the demand for payment of a ransom.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.