Ignitis Group

Ignitis ON, also known as Ignitis or Ignitis Group, is headquartered in Lithuania. The organisation provides electric vehicle charging services through a software‑as‑a‑service platform. In addition to charging infrastructure, it operates digital services and websites that support its energy‑related offerings. These services are delivered to customers in the Lithuanian market where the company is based.

The organisation is described as a Lithuanian energy company. Its headquarters are located in Lithuania. No explicit figures regarding employee count, revenue, or geographic reach beyond the headquarters are provided in the source material.

A distinguishing attribute is its focus on electric vehicle charging, which relies on a SaaS platform that was the sole component affected in a February 2024 cyber incident. During that incident, personal data of approximately 20,000 charging service clients—including names, email addresses, RFID authentication tags and some vehicle registration numbers—was exposed, while financial data remained unaffected because it was not stored. The attack caused temporary service disruptions that halted all charging stations in Lithuania for several hours before operations were restored. The company reported the breach to authorities, launched an investigation into the intrusion vector and advised customers to reset their application passwords. A second distinguishing characteristic is the organisation’s experience with large‑scale distributed denial‑of‑service attacks, exemplified by a July 2022 incident claimed by the pro‑Russian hacking group Killnet. Those DDoS attacks produced significant disruptions to digital services and websites, marking the largest such incident against the organisation in ten years, though no system breach occurred. The company responded by prioritising the restoration of customer‑facing systems and collaborating with authorities to improve resilience against future large‑scale incidents. A Lithuanian defence official warned that excessive publicity of such attacks could encourage adversaries seeking to raise regional tensions.

The source material does not disclose the organisation’s ownership structure, parent company or subsidiary relationships. Consequently, any description of its corporate governance or equity holdings would be speculative and is omitted. The profile therefore relies solely on the confirmed facts regarding its activities, headquarters location and the two documented cyber incidents.