Cyber Incident Victim: Qulliq Energy Corporation
Date:
Jan 2023
Location:
Canada
Summary
Qulliq Energy Corporation experienced a cybersecurity breach prompting immediate containment measures and activation of its crisis response plan. External cybersecurity experts are assisting the investigation to determine the attack's cause and scope, while critical power generation remains unaffected. Administrative systems and Customer Care operations are currently offline, requiring alternative communication methods for service inquiries. The corporation advises customers to monitor financial accounts and enhance password security as a precaution, though unauthorized data access remains unconfirmed. Bill payments are limited to cash, bank transfers, and select retail locations, with credit card processing temporarily unavailable.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 4 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On January 15, 2023, Qulliq Energy Corporation (QEC) experienced an illegal cyberattack that breached its network. The corporation detected the incident promptly and implemented immediate containment measures, activating its crisis response plan to mitigate further damage. QEC collaborated with external cybersecurity experts and IT teams from the Government of Nunavut to investigate the breach’s origin and scope. President and CEO Rick Hunt confirmed the activation of crisis protocols, emphasizing the dual priorities of restoring normal operations and assessing potential compromises to customer data. While power generation facilities remained fully operational, administrative and Customer Care computer systems were rendered inoperable, disrupting routine corporate functions. QEC publicly disclosed the incident on January 19, acknowledging the ongoing investigation’s preliminary stage and the inability to confirm whether attackers accessed sensitive information.
The attack disrupted QEC’s customer service capabilities, forcing the suspension of standard payment processing channels. Customers could no longer make credit card payments in person or via telephone banking, though cash payments at Customer Care offices in Iqaluit and Baker Lake, transactions through Northern/Co-op stores and local banks, and bank transfers via telephone or internet banking remained available. The corporation established a voicemail line for outage reports and Customer Care inquiries, with responses deferred until system restoration. QEC advised all customers to proactively monitor financial accounts for suspicious activity and strengthen passwords for critical accounts like email and online banking, recommending complex combinations of letters, numbers, and special characters. No timeline was provided for full system recovery, with updates promised as the investigation progressed. The corporation issued a public apology for service disruptions while reaffirming its commitment to notifying affected parties if evidence of data compromise emerged.