Allegedly one billion records stolen from Shanghai police

Energy supplier Entega customer data released after ransomware attack

After a cyber attack on a subsidiary of the Hessian energy supplier Entega, criminals published masses of customer data on the dark web. Entega AG, to which the subsidiary Count and Care affected by the cyber attack belongs, said on Wednesday that it was primarily names, addresses, telephone numbers and consumption data, but in some cases also bank details. Personal data of employees and business partners were also put on the dark web. The attack was directed against the IT service provider Count and Care in mid-June.

It was initially unclear how many people were affected by the criminal publication of the data. An Entega spokesman said the majority of customers could be affected, but to varying degrees. The investigation into the stolen data is still ongoing. According to Entega’s annual report, the number of customer contracts at the end of 2021 was almost 700,000. According to the company’s initial findings, bank data such as the IBAN was published in significantly less than ten percent of the cases.

According to the energy supplier, all passwords in the customer portals have been reset to prevent unauthorized access. Entega also set up a free hotline and website to provide information about the consequences of the cyber attack. At the same time, the company also warned against attempted fraud in the form of calls from alleged Entega employees. In this matter, Entega only calls customers after they have previously contacted them, the company said.

Entega described the attackers as a “highly professional group of cybercriminals”. After the attack, a ransom demand in the tens of millions was also received. The cybercriminals promised that access to the encrypted systems would be possible again after the ransom had been paid. They also threatened to publish the captured data on the dark web if the ransom was not paid.

“We did not comply with this request because we do not do business with criminals as a matter of principle,” said Entega. At the time of the threat, however, there were no concrete indications that the perpetrators had stolen personal data.

According to information from the dpa, the investigators are now assuming that a Russian group is behind the cyber attack. The Frankfurt Public Prosecutor’s Office is leading the investigation.


To home page

Volvo: Apple CarPlay comes in vehicles with Android Automotive Previous post Volvo: Apple CarPlay comes in vehicles with Android Automotive
Briefly informed: GPS tracker, Da Vinci robot, "Galaxy Unpacked", Mars mission Next post Briefly informed: GPS tracker, Da Vinci robot, “Galaxy Unpacked”, Mars mission