Cyber Incident Victim: Eletricidade dos Açores
Date:
May 2022
Location:
Portugal
Summary
A cyberattack targeted Eletricidade dos Açores and its group affiliates, with causes and impacts under investigation at the time of reporting. The company confirmed uninterrupted regional electricity supply despite the incident but acknowledged disruptions to commercial services, particularly customer support operations. Authorities were notified, and the organization expressed regret for any inconveniences stemming from the attack.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On or around May 1, 2022, Eletricidade dos Açores (EDA) and its affiliated group companies experienced a cybersecurity incident that disrupted operations. The attack prompted an immediate internal investigation to assess its causes and impacts, though specific technical details regarding the intrusion method or attacker identity were not publicly disclosed at the time of initial reporting. EDA confirmed the incident through an official statement released by its Communications and Training Directorate, emphasizing that core electrical infrastructure remained unaffected. The company assured customers that regional electricity supply continuity was maintained without interruption despite the breach. Commercial operations, however, suffered disruptions, particularly in customer service channels, though the extent of these service degradations was not quantified.
EDA proactively notified relevant regulatory and law enforcement authorities of the breach in compliance with incident reporting obligations. The company acknowledged inconveniences caused to stakeholders, specifically citing commercial service interruptions in its public apology. No data theft, ransomware demands, or financial extortion attempts were referenced in available communications. Restoration efforts focused on maintaining critical infrastructure stability while investigating the attack’s scope. Analysis of the incident’s root causes and full operational consequences remained ongoing at the time of the initial disclosure, with no supplementary technical updates provided in the immediate aftermath.