Cyber Incident Victim: Uttar Haryana Bijli Vitran Nigam Limited
Date:
May 2025
Location:
India
Summary
Uttar Haryana Bijli Vitran Nigam Limited experienced a cyberattack that disabled its official website, halting online services such as new electricity connections, bill payments, and complaint registration and affecting more than 50,000 consumers. The utility’s IT and cybersecurity teams were mobilized to assess and remediate the intrusion, with officials stating that digital services were expected to resume within a 48‑hour window while the exact malware and attackers remained under investigation. In response, the organization issued an advisory urging consumers to avoid suspicious links and to use offline channels for service requests and payments until full restoration.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On May 7, 2025, the official website of Uttar Haryana Bijli Vitran Nigam Limited (UHBVNL) was disabled by a cyberattack. The attack crippled critical online services such as new electricity connection requests, bill payments, complaint registration, and technical services. Over 50,000 consumers were affected across multiple districts. Senior officials confirmed the disruption and stated that the cyber intrusion had impacted a wide spectrum of consumer services. The website's core functionalities were rendered non-functional, leaving consumers unable to proceed with new connection applications or other online interactions. The resulting service delays caused widespread confusion among users seeking electricity-related services.
In response, UHBVNL's IT and cybersecurity wing was mobilized to assess and remediate the incident. Initial reports indicated the intrusion was deliberate and coordinated, although the specific malware or attackers remained under investigation. Technicians and forensic teams conducted round-the-clock recovery operations. The utility declared a cybersecurity emergency and expected digital services to be restored within a 48‑hour window. Teams worked on a war footing to mitigate the breach and restore the system. As of the latest update, recovery efforts were ongoing with the goal of bringing the website and associated services back online.