Cyber Incident Victim: Ignitis Group

On February 11, 2024, Ignitis ON experienced a cybersecurity incident disrupting its electric vehicle charging services. During Sunday afternoon, an unspecified number of customers were disconnected from the Ignitis ON application and prevented from charging their vehicles, with all company-operated charging stations in Lithuania rendered temporarily inoperative. Service functionality was restored within several hours. The company confirmed unauthorized access to customer data, including full names, email addresses, lists of RFID authentication tags used for station access, and partial vehicle registration numbers. Payment-related information such as bank account details and card data remained uncompromised, as these were not stored within the affected systems. Ignitis ON operates its charging infrastructure via a Software as a Service (SaaS) model, which isolated the breach from other Ignitis Group operational technology and IT infrastructure.

Ignitis Group initiated an internal investigation to determine the intrusion methodology and data exfiltration vectors. The incident was formally reported to Lithuanian law enforcement agencies, the State Data Protection Inspectorate, the National Cyber Security Centre, and the National Crisis Management Centre. The company issued public apologies to affected clients and advised them to reset their application passwords as a precautionary measure. No ransomware deployment or financial extortion demands were disclosed in available reports. The confirmed impact scope involved approximately 20,000 customers, with no evidence of subsequent misuse of leaked data reported at the time of disclosure. Operational restoration focused exclusively on the SaaS platform, with no secondary disruptions to Ignitis Group’s broader energy distribution or generation assets.