A department in Veolia North America, a transnational company offering water, energy and waste recycling management services, suffered a ransomware attack which resulted in the theft of some personal data, and forced the company to take parts of its infrastructure offline.
In a press release published on the Veolia website, the company confirmed its Municipal Water division suffered an incident that forced the firm to take the targeted back-end systems and servers offline until they could be restored.
“As a result, some customers experienced delays when using our online bill payment systems,” the release states.
Operations not affected
Since then, the systems have been restored, and any payments made during the attack have been applied. “Customers will not be penalized for late payments or charged interest on their bills due to this service interruption,” Veolia added.
Veolia North America provides water and wastewater services to some 550 communities. It also services industrial water for some 100 industrial facilities, treating more than 8 billion liters of water and wastewater every day. Still, the company says this attack didn’t affect its operations.
Some personal data may have been stolen, though. “Those individuals who may have been impacted by this incident will be contacted directly by Veolia and provided additional information and assistance,” the company said in the announcement. There was no elaboration on who the impacted individuals are, or what type of data was taken. Given that this was a ransomware attack, it’s likely that the threat actors demanded ransom in exchange for the information. At this point there is no information on who the attackers are, what their demands are, or what the deadline is.
Relevant authorities and law enforcement agencies have been notified of the attack, and external forensics teams were brought in to assist with the aftermath of the attack.
More from TechRadar Pro
- More US water treatment plants have been hit by ransomware
- Here's a list of the best firewalls around today
- These are the best endpoint security tools right now
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.