BreachExchange mailing list archives

Clean-Energy Giant Invenergy Suffers Hack Claimed by REvil


From: Sophia Kingsbury <sophia.kingsbury () riskbasedsecurity com>
Date: Mon, 14 Jun 2021 13:56:39 -0400

https://www.bloomberg.com/news/articles/2021-06-11/clean-energy-giant-invenergy-reports-hack-in-its-systems

U.S. clean-power giant Invenergy LLC said it found unauthorized activity on
some of its systems, while REvil, the group behind the recent cyberattack
on meat giant JBS SA, said it was behind the latest hack.

The Chicago-based renewables developer said it has investigated the
intrusion and saw no impact on its operations.

“At no time were Invenergy’s operations impacted and no data was
encrypted,” the company said in an emailed statement Friday. “Invenergy has
not paid and does not intend to pay any ransom.”

The disclosure follows recent cyberattacks that took down the largest U.S.
gasoline pipeline and the largest beef producer in the country for several
days. The FBI attributed the May 30 cyberattack against Sao Paulo-based JBS
to REvil, a hacking group that researchers say has links to Russia.

In a blog post, REvil claims to have downloaded 4 terabytes of “sensitive
data” from Invenergy, including projects, contracts and non-disclosure
agreements. They also claim to have stolen “personal and spicy” data from
Invenergy founder and Chief Executive Officer Michael Polsky’s computer.

The Eastern European hackers claim to be primed for a long-term bout with
their hostages. The blog post concludes with a photo of Polsky on the cover
of Forbes.

Invenergy Future Fund, an investment fund linked to Invenergy, in 2018 said
it provided funding for a cybersecurity technology provider.

The Financial Times reported the Invenergy hack earlier Friday.
_______________________________________________
BreachExchange mailing list sponsored by Risk Based Security
BreachExchange () lists riskbasedsecurity com

If you wish to Edit your membership or Unsubscribe you can do so at the following link:
https://lists.riskbasedsecurity.com/listinfo/breachexchange

Current thread: