EDP Renewables North America (EDPR NA) has recently confirmed a ransomware attack that affected the system of its parent company Energias de Portugal (EDP).
According to a letter sent to customers, the attack took place April 13, and it appears that the cyber criminals were able to gain access to some information stored on EDPR NA’s information systems. The North American renewable energy giant emphasized that it only become aware of the unauthorized access to its network systems on May 8, and since then, “has worked diligently and on an expedited basis to identify the individuals potentially affected by this incident.”
The cybercriminals had left a ransom note on EDP’s system asking for more than $10 million (1,580 Bitcoins) in return for a decryption key to restore over 10 TB of allegedly stolen data.
“We gathered the most sensitive and confidential information about your transactions, billing, contracts, client and partners” the ransom note said. “And be assure that if you wouldn’t pay, all files and documents would be publicated for everyones view and also we would notify all your clients and partners about this leakage with direct links. So if you want to avoid such a harm for your reputation, better pay the amount that we asking for.”
EDPR NA said there is no evidence that the cyber thieves accessed personal information of their clients, such as full names and Social Security numbers. However, as a precaution they are offering a free 12-month membership for identity protection services to their customers.
“EDPR NA has no evidence that the attackers accessed your personal information,” the letter sent by CEO Miguel Angel Prado reads. “However, we are notifying you out of an abundance of caution because EDPR NA has in its information systems some of your personal information, including your name, and Social Security number. We maintain this information in order to make payments to you under the terms of your lease. We do not maintain any of your other personal information, such as your driver’s license number or credit or debit card information.”