Featured News

CO Energy Company DMEA Cyber Attacked 25 Years of Data Wiped

Delta-Montrose Electric Association (DMEA) suffered a malicious cyberattack that shut down 90% of its internal controls and wiped 25 years of historical data.

The energy company warned customers would start receiving multiple energy bills close together but promised not to disconnect services for non-payment or impose penalties until January 31, 2022.  Cyberattack on a Colorado energy company a suspected ransomware incident · DMEA cyberattack did not leak sensitive employee and customer data.

DMEA says the cyberattack started on November 7 before spreading and affecting internal systems, support systems, payment processing tools, billing platforms, and other customer-facing tools.


The Colorado-based energy company said the cyberattack targeted specific parts of the corporate network, corrupting documents, spreadsheets, and forms, thus suggesting it was a ransomware attack.

The cyberattack also affected the phone and email systems but spared the power grid and fiber network.

“Everyone’s ears perk up when ‘cyber attack’ meets ‘electric utility,’ but thankfully, the grid was not affected in this case,” noted Bill Lawrence, CISO at SecurityGate. “By the way, a large percentage of the smaller, distribution-level electric cooperatives are immune from cyber-attack since they don’t use automation for their operational technology.”

Lawrence, however, noted that the energy company failed to officially report the cyberattack as a ransomware incident despite the evidence. Ransomware attacks cause reputational damage to the victims, and many are hesitant to admit experiencing them.

“Still, this attack on their IT and billing networks stings, and while the term ‘ransomware’ is not in any of the reporting or DMEA’s explanation of events, they had a large portion of their data corrupted, and their internal phone system went down too. It will be interesting to learn the motive behind this attack if there are no ransom demands. Insider attacks motivated by revenge have had these hallmarks in the past.”

DMEA started an investigation to resume operations “as efficiently, economically, and safely as possible.” Sadly, the energy company is still struggling to recover from the cyber attack month later.

However, they implemented temporary payment arrangements and began phased restoration of internal network functions. Customers can pay through a check delivered personally or through the mail. However, those who fail to pay their bills on time would not face disconnections and penalties during the reconstruction period until the end of January 2022.

Saryu Nayyar, CEO at Gurucul said it would take up to two weeks for customers to resume paying their bills online or by phone.

“Utilities tend to have complex networks that often comingle enterprise operations with mission control, but apparently, the grid wasn’t affected,” Nayyar noted. “It’s not enough for these organizations to try to keep attackers out of the network. They also need analytics to be able to determine if their network has been breached and how.”

efani $5M Insurance Crypto Bank Brokerage & Other Loss + Unlimited Calls Text Data in US Canada & Mexico 5G Largest Network NATIONS MOST SECURE Cell Phone Service. Military Grade Security! efani.net
If your Identity & Phone isn’t SAFE Secure do it NOW efani

Jordan Taylor

Jordan Taylor is Sr. Editor & writer from San Diego, CA. With over 20 years and 2650+ articles edited rest assured your Press Release will see traction.

Related Articles

Back to top button