LockBit ransomware gang hit the Commission des services electriques de Montréal (CSEM)

The LockBit ransomware gang claims to have breached the Commission des services electriques de Montréal (CSEM).

The LockBit ransomware group continues to be one of the most active extortion gangs in the threat landscape. This week the gang claimed to have hacked the Commission des services electriques de Montréal (CSEM).

The Commission des services électriques de Montréal (CSEM) is a public agency responsible for the undergrounding of electrical wires in the city of Montreal, Quebec, Canada. It was created in 1910 by a partnership between the city and the private sector.

The CSEM’s mission is to provide a safe, reliable, and sustainable underground electrical network for the city of Montreal. The main activities carried out by the organization are planning and coordinating the undergrounding of electrical wires, managing and maintaining the underground electrical network, and providing information and education about underground electrical networks.

CSEM confirmed the security breach, the company confirmed the attack took place on August 3rd, 2023. The Canadian company confirmed that it has refused to pay the ransom.

The organization immediately launched an investigation into the security breach with the help of law enforcement in Quebec. At the time of this writing, CSEM has recovered impacted systems.

The LockBit ransomware group published the stolen data on August 30, 2023.

The organizations attempted to downplay the impact of the security breach explaining that CSEM projects are the subject of public documents.

“It should be noted that all CSEM projects are the subject of public documents. Therefore, all these plans – engineering, construction and management – are already publicly available through the official process offices in Quebec.” states the company.

Since August 1st, the LockBit 3 operation has already hit 140 organizations worldwide.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Lockbit 3.0)