Russia-linked hackers attack Texas electric cooperatives
Hackers claim to have breached Texas electric power cooperatives, exposing sensitive financial documents. Qilin, the cybercriminal gang behind the alleged ransomware attacks, has listed two Texas electric distribution cooperatives as victims on its leak site on the dark web.
Cybernews researchers investigated the samples that Qilin claims belong to San Bernard Electric Cooperative. Among the documents were: First incident reports, containing full names, phone numbers, and incident details; Yearly budget reports; Insurance documents; Rate-case expense reports; Invoices from other companies; Labour and equipment expense reports; Right-of-way easement contracts. The post on the dark web linked to Karnes Electric Cooperative includes samples with data that exposes: Board directors’ list – their names, addresses, contact information; Financial documents, such as income and expenses balance reports, and daily financial operation documents; Organization members’ data, including names, addresses, and zip codes.
“Exposed financial data could reveal pricing strategies, cause loss of trust, or competitive disadvantage. Revealed incidents could indicate service quality issues,” said Cybernews researchers. “PII can be used for identity theft, harassment, and targeted social engineering, especially for board directors.” Recently, the notorious Russia-linked gang LockBit formed a coalition with DragonForce and Qilin ransomware. Experts believe that the alliance between LockBit, Qilin, and DragonForce could lead to improved tactics and an increased volume of attacks through shared resources.
To read the complete article see: