Cyber Incident Victim: Electrica Group

Date: Dec 2024

Location: Romania

Summary

A major Romanian electricity distributor serving millions of customers reported an ongoing cyberattack, prompting collaboration with national cybersecurity authorities to contain the incident and identify its source. The company confirmed its critical systems remained unaffected, attributing any consumer interaction disruptions to temporary protective security measures for internal infrastructure. Operational priorities included maintaining electricity distribution continuity and safeguarding personal and operational data across its entities, while urging vigilance against suspicious communications impersonating the organization.

Description

On December 9, 2024, Electrica Group, a major Romanian energy distributor serving approximately 3.8 million customers and listed on the Bucharest and London stock exchanges, publicly disclosed an ongoing cyberattack through an investor notification. Chief Executive Alexandru Chirita confirmed specialist teams were collaborating with national cybersecurity authorities to manage the incident, with objectives focused on rapid resolution, identifying the attack’s origin, and minimizing operational consequences. The company emphasized its critical electricity distribution and supply systems remained unaffected, though it acknowledged disruptions in customer-facing interactions resulting from proactive security measures applied to internal infrastructure. These protective actions were described as temporary safeguards designed to preserve overall system integrity. Electrica did not disclose technical details about the attack methodology, intrusion vectors, or specific compromised assets, nor did it attribute responsibility to any threat actor.

Electrica’s primary operational priorities centered on maintaining uninterrupted electricity delivery and securing both customer personal data and internal operational information across its subsidiaries. The organization committed to providing ongoing public updates regarding incident developments and mitigation efforts while advising consumers to exercise caution against suspicious communications purportedly from the company. Customers were explicitly warned against sharing personal data via unsecured channels during the incident response period. No quantitative details regarding service interruptions, data exposure, financial impact, or recovery timelines were released in the initial announcement. The company’s communications consistently framed the disruptions as controlled outcomes of defensive protocols rather than direct effects of attacker actions on core operational technology.
