On Saturday 20th of August 2022, Greece’s largest natural gas distributor, DESFA released a statement confirming that they suffered a data breach and IT system outage following a cyberattack. Although due to the quick response of its IT team, the intrusion was limited. However, some files and data were accessed and could be possibly exfiltrated so there is the risk of a data leak.
In response to the attack, DESFA deactivated many of its online services to protect client data. Although now, that the initial recovery has been completed, these services are gradually returning to normal operations as experts work towards a careful restoration. DESFA assures its consumers that this incident won’t impact the gas supply. DESFA also confirmed that they had informed the police’s cybercrime department, the national data protection office, the national defence department, and the ministry of energy and environment.
The statement was released after data was leaked on Friday 19th of August 2022 by the Ragnar Locker ransomware operation. Ragnar Locker stated they had found multiple security vulnerabilities on DESFA’s systems and informed DESFA of them as a part of Ragnar Locker’s extortion attempt.