K-Electric one of the largest power generator and distributors faced a ransomware attack in the first week of September 2020. Reportedly, hackers demanded $3.5 million ransom in beginning and $7 million later which the company probably didn’t pay ending up K-Electric data of millions of customers at risk. Attackers had demanded money in Bitcoins.
According to Rafay Baloch, a famous ethical hacker and cybersecurity researcher, the data of the company are now on the Dark web; this means that data could be there for sale as well.
K-Electric Data on Dark Web
According to Rafay Baloch, the cybersecurity expert who got recognition for discovering vulnerabilities in Android, there was denial from K-Electric about the ransomware attack. Now when the data is on the dark web the company needs to seriously respond to its issue.
K-Electric is one of the largest distributors of electricity in Karachi; it enjoys a monopoly in Pakistan’s biggest city by population. Given such a big scale of its operation, it is apparent that 8.5GB of data that according to Rafay Baloch has made it to the dark web can contain sensitive information like CNIC numbers, NTN, addresses, and even debit/credit card information.
It is not sure what kind of data of the power supplier has been compromosed but sector experts have stated on Twitter that it may be finanical. In a long run the data breach can severely affect the company as well as customers.
K-Electric Customers at Risk
The K-Electric data hack may put customers in serious trouble, since the majority of them may not have access to an alternate power supply resource immediately. The ransomware and following data breach may land the company in hot waters from consumers and critics; it has already faced huge backlash due to frequent power cuts during the summer and monsoon season of 2020 in Karachi. Consumers that included celebrities and notable figures also bashed the customer service of K-Electric for replying with messages of complaints like “responded in DMs”.
Ransomware Attacks on Corporate Websites
While going digital has made lives easier for corporates and customers, it has not come without the fair share of vulnerabilities; most of them include cybersecurity threats. The K-Electric data issue is not the first of its kind. Companies all across the world have faced such massive privacy and data breaches in the recent past. The mentionable among these corporate hacking incidents include; attack of WannaCry ransomware and the British Airways customers’ data breach.
Companies around the globe now need to invest alot more to make their online systems secure in order to save their goodwill, finances and customers’ data.