Electrica Group investigates ransomware attack amid rising cybersecurity threats in Romania

Electrica Group investigates ransomware attack amid rising cybersecurity threats in Romania

Electrica Group, a leading electricity distribution and supply company in Romania, is investigating a ransomware attack that disrupted operations earlier today. The incident, described as "in progress" at the time of the announcement, underscores escalating cybersecurity threats in Romania, which recently faced widespread cyberattacks on its election infrastructure.

Electrica serves over 3.8 million users nationwide, ensuring electricity supply and maintenance services across Transylvania and Muntenia. Despite the attack, the company reassured customers and investors that its critical systems, including the Supervisory Control and Data Acquisition (SCADA) systems used to control and monitor its distribution network, were not compromised.

In a statement, Electrica CEO Alexandru Aurelian Chirita emphasized that protective measures had been implemented to secure the company’s infrastructure. "These measures are temporary and designed to ensure the entire system’s security. Our primary priority remains to maintain continuity in the distribution and supply of electricity and to protect the managed personal data and operational data of all entities within Electrica Group," Chirita said.

Electrica is working closely with national cybersecurity authorities to address the incident. Although the company has not disclosed specific details about the attack, Romania’s Ministry of Energy confirmed it was a ransomware assault.

Energy Minister Sebastian Burduja confirmed that the attack had not affected Electrica’s SCADA systems, which remain fully functional and insulated from the compromised network. "Initial investigations show that it was a ransomware attack. The network equipment has been removed and unaffected," Burduja stated. "Our technical teams and our security partners are already on the ground to eliminate any risk."

While the company has taken measures to isolate affected systems, minor disruptions in consumer interactions have occurred, which can be attributed to the protective actions taken to safeguard internal networks.