Cyber Incident Victim: Sawnee Electric Membership Corporation

On May 1, 2024, Sawnee Electric Membership Corporation (EMC) notified customers via email of a cybersecurity incident impacting its primary website, sawnee.com. The company discovered unauthorized access compromising the site’s integrity and functionality, prompting an immediate advisory against all interactions with the domain. Customers were instructed to cease using sawnee.com for any purpose, including account logins or clicking embedded links, to prevent potential data exposure or further system compromise. Sawnee EMC directed users to a replacement website, www.sawnee.coop, as a temporary operational alternative while mitigation efforts continued. The company established a dedicated 24-hour customer service email ([email protected]) to handle inquiries, replacing standard web-based support channels affected by the incident.

The cybersecurity incident disrupted digital services for customers across Sawnee EMC’s seven-county service area in northern Georgia, including Fulton, Cherokee, Gwinnett, Forsyth, Hall, Dawson, and Lumpkin counties. Sawnee EMC initiated a comprehensive investigation to determine the scope, origin, and potential data impacts of the breach but did not disclose technical details about the attack vector or compromised systems. No timeline for restoring the original website was provided, indicating sustained operational reliance on the sawnee.coop domain during the recovery phase. The company committed to updating customers as the investigation progressed but emphasized caution until forensic analysis concluded. This incident marked a significant operational disruption for the utility, requiring immediate public communication to mitigate risks to customer accounts and infrastructure.