Cyber Incident Victim: Lower Valley Energy

Lower Valley Energy detected a cybersecurity incident and initiated an immediate response by engaging external cybersecurity and data privacy experts. The energy cooperative retained a specialized law firm to investigate the incident and contracted third-party forensic specialists to assist in determining the scope and nature of the event. Existing safeguards—including firewalls, offsite data storage, and a third-party disaster recovery provider implemented prior to the incident—remained operational throughout the investigation. The company stated these longstanding protective measures shielded member information during the event. At the time of the December 28, 2023 update, Lower Valley Energy confirmed no evidence indicated compromise of personal information belonging to member owners. The organization maintained continuous energy service reliability throughout the incident while coordinating with law enforcement agencies as part of its investigative process.

The cooperative emphasized its commitment to infrastructure security through sustained collaboration with cybersecurity stakeholders and adherence to industry protection standards. Investigation activities focused on analyzing system access patterns, evaluating potential vulnerabilities, and verifying the integrity of operational technology controlling energy distribution. Lower Valley Energy prioritized transparent communication with members regarding ongoing incident response efforts while avoiding public disclosure of specific technical details that could compromise security protocols. The organization reaffirmed its strategy to invest in advanced defensive technologies and strengthen grid resilience against evolving cyber threats. No service disruptions, financial impacts, or data exfiltration consequences were reported in available disclosures as the investigation remained active.