Cyber Incident Victim: Empresa Distribuidora Del Este

On or around February 17, 2023, the BlackCat ransomware group listed Empresa Distribuidora Del Este (EdeEste), an electricity distribution company, on its data leak site. BlackCat claimed possession of 420 GB of data stolen from the company and provided an onion URL for evidence, though this link was non-functional at the time of reporting. The attackers did not specify ransom demands but indicated via their leak site post that unreleased data would remain for sale. EdeEste’s corporate website became inaccessible following the incident, though no official acknowledgment of an attack appeared on its social media channels or website. The company did not respond to external inquiries regarding the breach. BlackCat’s leak site inclusion typically signifies failed negotiations or refusal to pay ransoms, though no confirmation exists regarding prior contact between EdeEste and the threat actors.

The incident coincided with regional disruptions linked to BlackCat operations, including a February 17 malware attack on Chile’s FONASA health fund that caused service delays. Chile’s government CSIRT had issued alerts about BlackCat activity in the country, though BlackCat representatives denied targeting Chilean entities when queried. EdeEste’s operational infrastructure disruption was evident from the sustained website outage, but the company disclosed no specifics on affected systems, data types, or recovery efforts. DataBreaches.net verified the absence of breach notifications or public statements by EdeEste as of February 24, 2023. File listings from typical BlackCat attacks often include financial records, customer data, and internal communications, though the composition of the reportedly stolen 420 GB dataset remained unconfirmed in EdeEste’s case. No further updates emerged regarding the company’s response trajectory or data disclosure status beyond the initial leak site entry.