The recent cyberattack on the German Energy Agency (dena) has seen hacker group Lockbit publish stolen data from the agency on the darknet. The attack, which occurred on November 13, 2023, has had serious implications for the agency and the individuals affected by the breach.

After the incident, dena immediately initiated an examination of the illegally published data to assess the extent of the attack. The ongoing investigation has revealed that a wide range of personal data may have been compromised, including contact and communication data, bank details, information about organizational affiliation, customer history information, and personnel data such as date of birth, personnel number, working time model, and income tax classification. This breach has raised concerns about the potential misuse of this sensitive information.

In response to the cyberattack, dena has been in close contact with the Federal Ministry for Economic Affairs and Climate Protection (BMWK) and other government agencies to address the breach and implement protective measures. The agency took immediate action by shutting down all servers to prevent further damage and informed the public about the attack.

The hacker group responsible for the attack, BlackCat, is known for its pattern of threatening to publish data if ransom demands are not met. Three weeks after the breach, dena was listed as a blackmailed company on the group’s website, and it was announced that the data would be published. Following this, BlackCat’s websites became inaccessible, and an international investigative group led by US authorities was able to shut down the hacker group in December 2023.

However, a new hacker group, Lockbit, emerged shortly after and claimed to be in possession of the stolen dena data, announcing its intention to publish it. Despite initial warnings from the group, the ultimatum went without further action, raising concerns about the potential misuse of the stolen data.

Founded in 2000, dena has played a significant role in the energy transition, having launched approximately 1,500 projects worldwide. The agency employs 550 staff members and supports public and private sector clients with energy transition services. As a think tank, dena studies the challenges of building a climate-neutral society and supports the German government in achieving its energy and climate policy objectives.

This cyberattack has not only compromised dena’s sensitive data but also raised concerns about potential identity theft and financial fraud for the individuals affected. The agency’s immediate response to the breach and ongoing investigation are crucial in ensuring the security of its data and protecting the affected individuals from the repercussions of the attack.

Source link