Creos Luxembourg

Creos Luxembourg S.A., a natural gas pipeline and electricity network operator in the central European country was targeted by the ALPHV ransomware gang, aka BlackCat.

The attack affected the customer portals of Encevo and Creos becoming unavailable and the attackers exfiltrated “a certain amount of data” from the accessed systems.

All the customers were recommended to reset their online account credentials, which they used for interacting with Encevo and Creos services.

The ransomware group added Creos to its extortion site, threatening to publish 180,000 stolen files totaling 150 GB in size, including contracts, agreements, passports, bills, and emails.

Source: https://www.bleepingcomputer.com/news/security/blackcat-ransomware-claims-attack-on-european-gas-pipeline/

TPRM report: https://www.rankiteo.com/company/creos-luxembourg-s-a-

"id": "cre23242822",
"linkid": "creos-luxembourg-s-a-",
"type": "Ransomware",
"date": "6/2017",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of a geographical region"

{'affected_entities': [{'industry': 'Energy',
                        'location': 'Luxembourg',
                        'name': 'Creos Luxembourg S.A.',
                        'type': 'Company'}],
 'customer_advisories': ['Recommended customers to reset their online account '
                         'credentials'],
 'data_breach': {'data_exfiltration': True,
                 'number_of_records_exposed': 180000,
                 'personally_identifiable_information': ['passports'],
                 'type_of_data_compromised': ['contracts',
                                              'agreements',
                                              'passports',
                                              'bills',
                                              'emails']},
 'description': 'Creos Luxembourg S.A., a natural gas pipeline and electricity '
                'network operator in the central European country was targeted '
                'by the ALPHV ransomware gang, aka BlackCat. The attack '
                'affected the customer portals of Encevo and Creos becoming '
                "unavailable and the attackers exfiltrated 'a certain amount "
                "of data' from the accessed systems. All the customers were "
                'recommended to reset their online account credentials, which '
                'they used for interacting with Encevo and Creos services. The '
                'ransomware group added Creos to its extortion site, '
                'threatening to publish 180,000 stolen files totaling 150 GB '
                'in size, including contracts, agreements, passports, bills, '
                'and emails.',
 'impact': {'data_compromised': ['contracts',
                                 'agreements',
                                 'passports',
                                 'bills',
                                 'emails'],
            'systems_affected': ['customer portals of Encevo and Creos']},
 'motivation': 'Extortion',
 'ransomware': {'data_exfiltration': True,
                'ransomware_strain': 'ALPHV, aka BlackCat'},
 'response': {'communication_strategy': ['Recommended customers to reset their '
                                         'online account credentials']},
 'threat_actor': 'ALPHV ransomware gang, aka BlackCat',
 'title': 'ALPHV Ransomware Attack on Creos Luxembourg S.A.',
 'type': 'Ransomware Attack'}

Creos Luxembourg

Kettering Health: US Healthcare Data Breach Crisis Impacts Millions -- Security Today

Gelatissimo: Aussie ice-cream franchise Gelatissimo suffers alleged hack by DragonForce

Airbus Atlantic and STELIA Aerospace North America Inc.: STELIA Aerospace confirms cyber attack on North American systems. $2.07 million ransom issued