Cyber Incident Victim: Empresa Provincial de Energía de Córdoba
Date:
Aug 2025
Location:
Argentina
Summary
Empresa Provincial de Energía de Córdoba reported that its Instagram and possibly Facebook accounts were compromised, with unauthorized posts showing sexual content and promotions for trading courses. The company confirmed the breach, stated that its technical team and security experts are working to regain full control, and noted that the X page had been restored while the origin and motives behind the attack remain unknown.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On Saturday morning, a series of unusual posts appeared on the official Instagram account of Empresa Provincial de Energía de Córdoba (EPEC), prompting users to raise concerns about a possible compromise. The company later confirmed that its social media accounts had been intervened early that day. Technical personnel from EPEC’s information technology team, together with external security experts, began an investigation to assess the extent of the intrusion. The initial alert was triggered by the atypical nature of the content, which differed markedly from the utility’s usual communications.
The unauthorized posts featured sexually explicit images and invitations to participate in trading‑related courses, and they were most conspicuous on Instagram, though the company indicated that Facebook might also have been affected. EPEC stated that, while the breach was most visible on Instagram, the full scope of the compromised networks remained under review. The origin of the intrusion and the motives behind it were not identified in the company’s statement. No further details about the specific methods used by the attackers were disclosed in the available source.
In response, EPEC’s IT staff and the collaborating security experts worked to regain control of all affected social media channels, reporting that they had restored the X (formerly Twitter) page to normal operation in the minutes following the discovery. Efforts to secure the remaining platforms were ongoing at the time of the report. The company issued a communiqué confirming the incident and noting that work continued to reestablish full control over its accounts.