Hacker stole billing data from Power Company in India, ransomed for 10 million Rupees

Last week, the Uttar Haryana Bijli Vitran Nigam (UHBVN) power company based in Panchkula, India, was hacked by an anonymous hacker organization. According to the information left by the attackers, after gaining access to UHBVN’s computer system, they invaded the billing system and successfully obtained UHBVN’s customer billing data. If UHBVN wants to regain this data, it will have to pay 10 million rupees (about $150,000) or equivalent Bitcoin as a ransom.

According to new Indian express reports, UHBVN is responsible for the electricity supply and cost collection in 9 major areas of Haryana (Panchkula, Ambala, Kurukshetra, Karnal, Panipat, Yamunanagar, Sonepat, Kaithal, and Rohtak) with over 260,000 customers (including Civil, commercial and industrial electricity).

The cyber attack occurred around 12:17 local time on the morning of March 21st. On the 22nd, UHBVN employees discovered that they had ransom information about the payment of ransom on their computer screens. UHBVN immediately investigated the matter.

The data stolen by hackers is the consumer bill of UHBVN customers. This includes the electricity bills that customers have paid, the number of unpaid electricity bills, and the customer’s address. The loss of data means that UHBVN will not be able to clearly understand which customers have not yet paid and the specific amount of electricity not paid. In addition, they can no longer view the customer’s electricity bill records.

A spokesman for UHVBN stated that after learning about the incident, they immediately contacted the police and a third-party security expert to jointly investigate the incident.

The spokesperson also stated that the databases stolen by hackers were encrypted and that customer-related data would not be compromised. In addition, UHVBN has a backup of this database and has been using backup for data recovery, so there will be no business interruption or loss.

UHVBN also emphasized that the company has taken many measures to phase out the billing systems currently in use and will replace it with a more technologically advanced cloud service system that will be operational by the end of May 2018. At present, the billing of about 4,000 customers for industrial electricity is already done through this system, so this attack is totally unaffected by these customers.

At present, we cannot yet assert whether the UHVBN official statement is true or trying to downplay the entire incident. But for the company, at least one thing is fortunate, that is, hackers just stole the data without causing substantial damage.