Cyber Incident Victim: Reading Municipal Light Department

On February 21, 2020, the Reading Municipal Light Department (RMLD), an electric utility serving approximately 68,000 residents across Reading, North Reading, Wilmington, and Lynnfield Center in Massachusetts, identified a ransomware attack affecting its systems. The organization publicly disclosed the incident shortly after detection, characterizing it as part of a broader wave of ransomware attacks impacting entities nationwide. RMLD activated immediate containment protocols upon discovering the malware, focusing on isolating the infection to prevent further spread across its operational networks. While the attack disrupted regular business operations, RMLD confirmed the ransomware did not compromise electricity generation or distribution systems, ensuring continuous power supply to customers. The utility also verified that no customer financial data was accessed or exfiltrated during the breach, mitigating risks of financial fraud or identity theft for its user base.

RMLD personnel worked extensively to restore normal operations following containment, though the organization did not disclose technical specifics regarding the ransomware variant involved or the initial attack vector. Customers experienced service disruptions primarily related to administrative functions, with reports indicating outages and operational issues necessitating phone-based customer support interactions. The utility emphasized its serious approach to the cybersecurity incident through public statements, assuring stakeholders that staff prioritized resolution efforts while maintaining critical infrastructure functionality. No evidence suggested physical safety impacts or prolonged electrical service interruptions beyond the noted administrative complications. The incident highlighted operational resilience in maintaining core services despite ransomware-induced business process interruptions, though full restoration timelines remained unspecified in available communications.