Water services giant Veolia North America hit by ransomware attack

Veolia North America, a subsidiary of transnational conglomerate Veolia, disclosed a ransomware attack that impacted systems part of its Municipal Water division and disrupted its bill payment systems.
After detecting the attack, Veolia has implemented defensive measures, temporarily taking some systems offline to contain the breach.
Veolia is now working with law enforcement and third-party forensics experts to assess the extent of the attack's impact on its operations and systems.
According to Veolia, back-end systems and servers taken offline right after the attack for restoration are now back online and customers' payments will not be affected.
The attack hasn't disrupted Veolia's water treatment operations or wastewater services.
The company has discovered a limited number of individuals whose personal information may have been impacted during the breach and is working with a third-party forensics firm to assess the extent of the attack's impact on its operations and systems.
Veolia North America provides water and wastewater services to roughly 550 communities and industrial water solutions at around 100 industrial facilities, treating over 2.2 billion gallons of water and wastewater daily at 416 facilities across the United States and Canada.
The transnational Veolia group has almost 213,000 employees globally and generated €42.9 billion in revenue in 2022, providing drinking water to around 111 million people and wastewater services to roughly 97 million.
The same year, Veolia produced nearly 44 terawatt-hours of energy and treated 61 million metric tons of waste.
A water treatment company serving millions across the United Kingdom, was also the victim of a ransomware attack claimed by the Black Basta ransomware gang.
In November, CISA warned that threat actors breached a U.S. water facility in Pennsylvania by hacking Unitronics programmable logic controllers exposed online without compromising potable water safety for served communities.
Two months earlier, in September, the U.S. cybersecurity agency released a free security scan program for critical infrastructure facilities like water utilities to help them detect security gaps and secure their systems from such attacks.
U.S. Water and Wastewater Systems Sector facilities have also been breached multiple times by several threat groups deploying Ghost, ZuCaNo, and Makop ransomware in recent years,.
Other breaches of water facilities have happened over the past two decades, including a South Houston wastewater treatment plant in 2011, a water company with outdated software and hardware equipment in 2016, the Southern California Camrosa Water District in August 2020, and a Pennsylvania water system in May 2021.
In response to the WSW sector increasingly targeted by cyberattacks, CISA, the FBI, and the Environmental Protection Agency issued an incident response guide last week to help defenders secure water utilities from attacks.
Hospitals ask courts to force cloud storage firm to return stolen data.
New Black Basta decryptor exploits ransomware flaw to recover files.
FBI: Play ransomware breached 300 victims, including critical orgs.
Norton Healthcare discloses data breach after May ransomware attack.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Tue, 23 Jan 2024 21:55:11 +0000


Cyber News related to Water services giant Veolia North America hit by ransomware attack

Water services giant Veolia North America hit by ransomware attack - Veolia North America, a subsidiary of transnational conglomerate Veolia, disclosed a ransomware attack that impacted systems part of its Municipal Water division and disrupted its bill payment systems. After detecting the attack, Veolia has ...
10 months ago Bleepingcomputer.com
States and Congress Wrestle With Cybersecurity After Iran Attacks Small Town Water Utilities - The tiny Aliquippa water authority in western Pennsylvania was perhaps the least-suspecting victim of an international cyberattack. Then it - along with several other water utilities - was struck by what federal authorities say are Iranian-backed ...
11 months ago Securityweek.com
The Week in Ransomware - Governments struck back this week against members of ransomware operations, imposing sanctions on one threat actor and sentencing another to prison. On Tuesday, the Australian, US, and UK governments announced sanctions against Aleksandr Gennadievich ...
10 months ago Bleepingcomputer.com
Ransomware gang targets nonprofit providing clean water to world's poorest - Water for People, a nonprofit that aims to improve access to clean water for people whose health is threatened by a lack of it for drinking and sanitation, is the latest organization to have been hit by ransomware criminals. The ...
11 months ago Therecord.media
Florida water agency latest to confirm cyber incident as feds warn of nation-state attacks - A regulatory agency in Florida that oversees the long-term supply of drinking water confirmed that it responded to a cyberattack over the last week as the top cybersecurity agencies in the U.S. warned of foreign attacks on water utilities. The agency ...
1 year ago Therecord.media
Hackers breach US water facility via exposed Unitronics PLCs - CISA is warning that threat actors breached a U.S. water facility by hacking into Unitronics programmable logic controllers exposed online. PLCs are crucial control and management devices in industrial settings, and hackers compromising them could ...
1 year ago Bleepingcomputer.com
Congressmen Ask DOJ to Investigate Water Utility Hack, Warning It Could Happen Anywhere - Three members of Congress have asked the U.S. Justice Department to investigate how foreign hackers breached a water authority near Pittsburgh, prompting the nation's top cyberdefense agency to warn other water and sewage-treatment utilities that ...
1 year ago Securityweek.com
Greater Paris wastewater agency dealing with cyberattack - The organization that manages wastewater for nine million people in and around Paris was hit with a cyberattack on Friday. Service public de l'assainissement francilien - known by its acronym SIAAP - manages nearly 275 miles of pipes throughout four ...
1 year ago Therecord.media
Cyberattack on Irish Utility Cuts Off Water Supply for Two Days - An attack launched by hackers last week against the systems of a small water utility in Ireland interrupted the water supply for two days. The cyberattack was reported by a local newspaper, Western People, and technical details are murky. The attack ...
1 year ago Packetstormsecurity.com
ICS at Multiple US Water Facilities Targeted by Hackers Affiliated With Iranian Government - The hackers behind recent cyberattacks targeting industrial control systems at water facilities in the US are affiliated with the Iranian government, according to security agencies in the United States and Israel. The FBI, CISA, the NSA, the EPA and ...
1 year ago Securityweek.com
Cyberattack Defaces Israeli-Made Equipment at US Water Agency, Brewing Firm - The targets included the Equipment used by the Municipal Water Authority of Aliquippa, Pennsylvania and Brewmation, a New York-based company specializing in turnkey brewing and distilling equipment. U.S. officials have attributed a cyberattack on the ...
1 year ago Hackread.com
Hackers Hijacked Irish Water Facility that Interrupted Supply - Recently, there was a cyberattack on an Irish water utility that resulted in hackers gaining control of the system and disrupting the water supply. Last week, a private group water system in the Erris area was targeted by cybercriminals in a ...
1 year ago Cybersecuritynews.com
UK water company that serves millions confirms system attack The Register - Scans of identity documents such as passports and driving licenses. Documents that appear to be HR-related, displaying the personal data of what could be customers, including home address, office address, dates of birth, nationalities, and email ...
10 months ago Theregister.com
Ransomware disrupts utilities, infrastructure in January - Ransomware disrupted important U.S.-based utilities and services organizations in January, including a municipal water treatment organization, which is a sector that's become a growing target for attackers. The persistent ransomware threat continued ...
10 months ago Techtarget.com
Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks - Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet, that uses both a combination of many tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to target companies for ...
6 months ago Microsoft.com
The Week in Ransomware - An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries. The threat actors are said to be affiliates of numerous ransomware ...
1 year ago Bleepingcomputer.com
Chilean telecom giant GTD hit by the Rorschach ransomware gang - Chile's Grupo GTD warns that a cyberattack has impacted its Infrastructure as a Service platform, disrupting online services. Grupo GTD is a telecommunications company offering services throughout Latin America, with a presence in Chile, Spain, ...
1 year ago Bleepingcomputer.com
Two-day water outage in remote Irish region caused by pro-Iran hackers - Residents of a remote area on Ireland's west coast were left without water last week due to a cyberattack perpetrated by a pro-Iran hacking group targeting a piece of equipment the hackers complained was made in Israel. The incident affected a ...
1 year ago Therecord.media
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Kansas public transportation authority hit by ransomware - The Kansas City Area Transportation Authority announced it was targeted by a ransomware attack on Tuesday, January 23. KCATA is a bi-state public transit agency serving seven counties of Missouri and Kansas, operating 78 bus routes and 6 MetroFlex ...
10 months ago Bleepingcomputer.com
US offers $10 million for tips on Hive ransomware leadership - The U.S. State Department offers rewards of up to $10 million for information that could help locate, identify, or arrest members of the Hive ransomware gang. The FBI says this ransomware group had extorted roughly $100 million from over 1,300 ...
10 months ago Bleepingcomputer.com
Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
11 months ago Unit42.paloaltonetworks.com
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
1 year ago Heimdalsecurity.com
North Korea's state hackers stole $3 billion in crypto since 2017 - North Korean-backed state hackers have stolen an estimated $3 billion in a long string of hacks targeting the cryptocurrency industry over the last six years since January 2017. Kimsuky, Lazarus Group, Andariel, and other North Korean hacking groups ...
1 year ago Bleepingcomputer.com
State-Sponsored APT Groups Use Ransomware Tactics for Intelligence Gathering and Sabotage - State-sponsored threat groups are increasingly using ransomware-like tactics to hide more insidious activities. Russian APT group Sandworm has used ransomware programs to destroy data multiple times in the past six months, while North Korea's Lazarus ...
1 year ago Csoonline.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)