Reading Municipal Light Department

The Reading Municipal Light Department (RMLD) is a municipal electric utility providing essential power distribution services to residential and commercial customers. Its operational footprint covers multiple towns within Massachusetts, serving a community of over 68,000 residents. As a public utility, its core function is the reliable delivery of electricity to its designated service territory, managing the local grid infrastructure that connects power sources to end-users. The department operates as a critical component of regional infrastructure, ensuring daily power supply for homes, businesses, and public services within its jurisdiction. Its customer base represents a significant population segment in the area, underpinning its role as a foundational service provider. The organization's identity is closely tied to its municipal status, implying a governance structure accountable to the local communities it serves. This positioning distinguishes it from investor-owned utilities, as its primary mandate is public service within a defined geographic area rather than profit maximization for shareholders. The scale of its operations, while serving a specific region, establishes it as a notable entity within the Massachusetts municipal utility sector.

A defining event in the department's recent history occurred on February 21, 2020, when it experienced a ransomware attack. This cybersecurity incident successfully disrupted the organization's internal business operations, affecting administrative and support systems. Critically, the attack did not breach the operational technology that controls the electricity grid, thereby preventing any interruption to the actual power supply for customers. Furthermore, the investigation confirmed that sensitive customer financial data remained uncompromised. The department's security protocols enabled rapid detection of the infection, leading to an immediate containment action that isolated the malware and halted its spread. In response to the business system outage, the utility implemented a contingency plan, temporarily directing customers to use phone-based systems for reporting power outages. This measure maintained customer service continuity during the restoration period. The incident response demonstrated a competency in incident management, prioritizing the separation of critical grid control systems from compromised business networks. The subsequent recovery process focused on restoring normal business operations while maintaining uninterrupted electric service, highlighting a key resilience attribute within its operational framework. The event serves as a documented case study in the sector regarding cyber threats targeting municipal utilities and the importance of segmented network architecture.