United Group Subsidiaries Hit by Cyberattack in Bulgaria
On the evening of Monday, 22 September, United Group confirmed that two of its Bulgarian subsidiaries Vivacom and Mainstream Bulgaria were targeted in a malicious cyberattack by external threat actors. The incident was swiftly contained with the support of cybersecurity specialists, and an investigation is now underway. Authorities and regulators have been notified in compliance with legal obligations.
While Vivacom’s core services mobile and fixed connectivity remain unaffected, some business clients may experience temporary technical disruptions as restoration efforts continue. United Group has prioritized full system recovery and is conducting a comprehensive review of its networks to identify vulnerabilities and mitigate future risks.
The company condemned the attack, describing it as a criminal attempt to disrupt operations and exploit businesses for financial gain. Acknowledging the growing threat of cyberattacks globally, United Group reaffirmed its commitment to strengthening security and resilience across its markets. Updates on the incident will be provided as the situation develops.
Vivacom cybersecurity rating report: https://www.rankiteo.com/company/vivacom
"id": "VIV1772331885",
"linkid": "vivacom",
"type": "Cyber Attack",
"date": "9/2025",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'customers_affected': 'Business clients',
'industry': 'Telecommunications',
'location': 'Bulgaria',
'name': 'Vivacom',
'type': 'Subsidiary'},
{'location': 'Bulgaria',
'name': 'Mainstream Bulgaria',
'type': 'Subsidiary'}],
'date_detected': '2024-09-22',
'date_publicly_disclosed': '2024-09-22',
'description': 'On the evening of Monday, 22 September, United Group '
'confirmed that two of its Bulgarian subsidiaries Vivacom and '
'Mainstream Bulgaria were targeted in a malicious cyberattack '
'by external threat actors. The incident was swiftly contained '
'with the support of cybersecurity specialists, and an '
'investigation is now underway. Authorities and regulators '
'have been notified in compliance with legal obligations. '
'While Vivacom’s core services (mobile and fixed connectivity) '
'remain unaffected, some business clients may experience '
'temporary technical disruptions as restoration efforts '
'continue. United Group has prioritized full system recovery '
'and is conducting a comprehensive review of its networks to '
'identify vulnerabilities and mitigate future risks.',
'impact': {'downtime': 'Temporary technical disruptions',
'operational_impact': 'Disruption to business clients',
'systems_affected': 'Business client systems'},
'investigation_status': 'Underway',
'motivation': 'Financial gain',
'post_incident_analysis': {'corrective_actions': 'Comprehensive review of '
'networks to identify '
'vulnerabilities and '
'mitigate future risks'},
'recommendations': 'Strengthening security and resilience across markets',
'references': [{'date_accessed': '2024-09-22',
'source': 'United Group Statement'}],
'regulatory_compliance': {'regulatory_notifications': 'Yes'},
'response': {'communication_strategy': 'Updates to be provided as the '
'situation develops',
'containment_measures': 'Swift containment',
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': 'Yes',
'recovery_measures': 'Restoration efforts',
'remediation_measures': 'Full system recovery and network review',
'third_party_assistance': 'Cybersecurity specialists'},
'threat_actor': 'External threat actors',
'title': 'United Group Subsidiaries Hit by Cyberattack in Bulgaria',
'type': 'Cyberattack'}