DMEA Colorado electric utility hit by a disruptive cyberattack

A ransomware attack hit an electric utility in Colorado causing a significant disruption and damage.

The Delta-Montrose Electric Association (DMEA) is a local electric cooperative located in Colorado, it is part of Touchstone Energy Cooperatives.

The company has discovered a security breach on November 7, the attack disrupted phone, email, billing, and customer account systems.

The company also confirmed that internal documents have been “corrupted,” a circumstance that suggests that DMEA was hit by a ransomware attack. At the time of this writing, no ransomware gang has claimed responsibility for the security breach.

90% of internal controls and systems were corrupted by the cyber attack and most of the historical data dating back more than 20 years was compromised. DMEA retained forensic experts to investigate the scope of the incident.

“DMEA was the victim of a cyber-attack on November 7, 2021. DMEA discovered a targeted effort to access portions of our internal network system by an unauthorized third party. As a result, DMEA lost 90% of internal network functions, and a good portion of our data, such as saved documents, spreadsheets, and forms, was corrupted. It also impacted our phones and emails. Our power grid and fiber network remain unaffected by the incident.”reads the data breach notice published by the company.

According to the notice, all penalty fees and disconnections for non-payment will be suspended until January 31, 2022.

DMEA pointed out it hasn’t found evidence that sensitive data was compromised due to the security breach. In a recent update, the company declared that it estimates it will be able to resume member billing the week of December 6 – 10.

“We are highly confident no sensitive member or employee information has been compromised,” the company said.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Colorado Electric Utility)

[adrotate banner=”5″]

[adrotate banner=”13″]