Rural Alabama Electric Cooperative Hit by Ransomware Attack

A utility that provides power in rural southeastern Alabama was hit by a ransomware attack that meant customers temporarily can’t access their account information, but an executive said Tuesday that systems were beginning to be brought back online.

Wiregrass Electric Cooperative, which serves about 25,000 members, did not pay a ransom and didn’t have any data compromised in the attack, chief operating officer Brad Kimbro said. Electrical service wasn’t interrupted.

But member account information and payment systems were taken offline for maintenance and as a precaution, he said, and information technicians were starting work to reestablish customer sites.

“Our IT guys spent all weekend out of an abundance of caution looking at every server, every laptop, every computer, everything,” Kimbro said.

Customers could continue having intermittent problems because of issues like broken links to websites, he said. The utility said it won’t disconnect service for customers with prepaid accounts during the interruption, the Dothan Eagle reported.

Ransomware attacks are launched by hackers who gain access to a computer system and then demand payments. While thousands of organizations were infected in at least 17 countries in a widespread assault that began Friday through software produced by Kaseya, Kimbro said the utility dropped the company’s products about 18 months ago.

“Our situation isn’t connected to that,” he said. The utility’s problem was discovered Saturday morning and appeared isolated to one server, Kimbro said.

The cooperative, which provides service in all or parts of five counties, announced on social media that it was upgrading its computer systems last week before the attack.

Related: Massachusetts Electric Utility Hit by Ransomware

Related: Hackers Behind ‘Triton’ Malware Target Electric Utilities in US, APAC

Related: Hackers Leak Data Stolen From UK Electricity Market Administrator Elexon