DESFA

In August 2022, DESFA, Greece’s largest natural gas distributor, confirmed a cyberattack resulting in a limited-scope data breach and an IT system outage. The attack was executed by the Ragnar Locker ransomware group, a well-known threat actor with a history of high-profile breaches. While DESFA’s IT team managed to thwart deeper infiltration, hackers still accessed and potentially leaked files and data, confirming a network intrusion. The incident disrupted operations, though the full extent of the data exposure remains unclear. The involvement of ransomware (Ragnar Locker) suggests the attackers likely demanded a ransom, though DESFA did not publicly confirm payment or further operational disruptions beyond the initial breach. The attack highlights vulnerabilities in critical infrastructure, raising concerns about energy sector security and the broader implications of cyber threats on national utilities. The leak of internal data even if limited poses risks to corporate confidentiality, operational integrity, and potential regulatory repercussions.

Source: https://www.secureblink.com/cyber-security-news/new-donut-leaks-group-is-involved-in-a-series-of-ransomware-attacks-1

TPRM report: https://www.rankiteo.com/company/c&m-engineering-s-a-

"id": "c&m416092125",
"linkid": "c&m-engineering-s-a-",
"type": "Ransomware",
"date": "8/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"

{'affected_entities': [{'industry': 'energy (natural gas distribution)',
                        'location': 'Greece',
                        'name': 'DESFA (Natural Gas Distribution Network '
                                'Operator)',
                        'type': 'government-owned enterprise'}],
 'data_breach': {'data_exfiltration': True},
 'date_publicly_disclosed': '2022-08',
 'description': "Greece's largest natural gas distributor, DESFA, confirmed a "
                'limited-scope data breach and IT system outage following a '
                'cyberattack in August 2022. Hackers attempted to infiltrate '
                "its network but were thwarted by the IT team's quick "
                'response. Some files and data were accessed and possibly '
                'leaked, indicating a network intrusion. The attack was linked '
                'to the Ragnar Locker ransomware operation, which leaked data '
                'on a Friday.',
 'impact': {'data_compromised': True,
            'downtime': True,
            'operational_impact': True,
            'systems_affected': True},
 'ransomware': {'data_exfiltration': True,
                'ransomware_strain': 'Ragnar Locker'},
 'response': {'communication_strategy': ['public statement confirming limited '
                                         'breach'],
              'containment_measures': ['quick response by IT team'],
              'incident_response_plan_activated': True},
 'threat_actor': 'Ragnar Locker',
 'title': 'DESFA Limited Scope Data Breach and IT System Outage (August 2022)',
 'type': ['data breach', 'IT system outage', 'ransomware attack']}

DESFA

Asahi, City of Sugar Land and Government of Palau: Researchers warn of Qilin ransomware gang after group hit hundreds of orgs this year

Rumpke: Rumpke settles lawsuit over employee data stolen in cyberattack

deVixor: New Android Banking Malware ‘DeVixor’ Adds Ransomware Capabilities