Connect with us

Hi, what are you looking for?



UK Electricity Market Administrator Elexon Targeted by Hackers

Elexon, a company involved in the management of the electricity market in the United Kingdom, has been hit by a cyberattack that impacted its internal IT systems.

Elexon, a company involved in the management of the electricity market in the United Kingdom, has been hit by a cyberattack that impacted its internal IT systems.

Elexon manages the Balancing and Settlement Code (BSC) on behalf of the electricity sector in the UK. The BSC defines the rules and governance for the balancing mechanism and imbalance settlement processes of electricity in Britain.

“We compare how much electricity generators and suppliers said they would produce or consume with how much electricity they actually generated and supplied. After calculating these volumes, we work out a price for the imbalances and charge organisations accordingly. This involves taking 1.2 million meter readings every day and handling over £1.5 billion of our customers’ funds each year,” Elexon says on its website.Elexon suffers data breach

Elexon initially revealed that its internal IT systems, including its ability to send and receive email, were affected by a cyberattack, but noted that the BSC central systems and EMR (Electricity Market Reform) systems were not affected.

In a later update, the company said it identified the root cause and it had started restoring impacted systems.

While Elexon says only its internal systems are impacted, the UK’s National Grid electricity system operator (ESO) said on Twitter that it’s investigating any potential impact on its own networks, but pointed out that electricity supply was not affected by the incident.

“We have robust cybersecurity measures across our IT and operational infrastructure to protect against cyber threats,” National Grid ESO said.

Learn more about electric sectors threats at SecurityWeek’s 2020 ICS Cyber Security Conference and SecurityWeek’s Security Summits virtual event series

It’s not uncommon for organizations in the electricity sector to be targeted in cyberattacks. Earlier this year, the European Network of Transmission System Operators for Electricity (ENTSO-E) admitted that hackers breached its corporate network, and an electric utility in Massachusetts reported being hit by ransomware.

Advertisement. Scroll to continue reading.

Industrial cybersecurity firm Dragos reported in January that an increasing number of threat groups had been targeting electric utilities in North America.

Related: Security of North American Energy Grid Tested in GridEx Exercise

Related: Hackers Behind ‘Triton’ Malware Target Electric Utilities in US, APAC

Related: DoS Attack Blamed for U.S. Grid Disruptions: Report

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.


The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.


People on the Move

Retired U.S. Army General and former NSA Director Paul M. Nakasone has joined the Board of Directors at OpenAI.

Jill Passalacqua has been appointed Chief Legal Officer at autonomous security solutions provider

Cisco has appointed Sean Duca as CISO and Practice Leader for the APJC region.

More People On The Move

Expert Insights