Madhya Pradesh Power Management Company Limited
| Primary URL | Location | Industry | www[.]mppmc[.]in |
Country
India
|
Energy
|
|---|
Profile
Madhya Pradesh Power Management Company Limited operates as a power management entity headquartered in India, conducting its activities under the aliases M.P. Power Management Company Limited and MPPMC. The organisation is responsible for overseeing electricity-related functions within the state of Madhya Pradesh, which includes coordinating power supply and maintaining internal communication channels among its functionaries. Its internal IT system, known as IABS, serves as a key tool for facilitating communication and operational management across its various units. The company’s core mandate centres on ensuring reliable power management to meet regional demand, particularly during periods of high electricity consumption.
Specific quantitative details regarding the organisation’s size, workforce, or geographic reach are not disclosed in the available source material, so exact scale metrics cannot be provided. Nevertheless, the timing of the reported ransomware incident—occurring during a period of peak summer electricity consumption—indicates that the organisation handles substantial operational responsibilities when demand for power is at its highest. This context suggests that its services are critical to maintaining stability in the state’s electricity grid during stressful seasonal periods.
A distinguishing attribute of the organisation is its reliance on the IABS platform for internal coordination, which became the focal point of a ransomware attack on 22 May 2023 that crippled the system and disrupted communication among staff. In response to the breach, the company engaged L&T InfoTech to restore the IABS system under government guidelines and promptly reported the incident to CERT‑In and local law enforcement. Notably, the attackers had not yet issued a ransom demand at the time of reporting but had left contact email addresses, highlighting a distinctive phase of the cyber‑event where extortion had not been initiated. The incident underscores the organisation’s exposure to cyber‑threats targeting essential utility infrastructure and its adherence to prescribed incident‑response protocols.
Information concerning the organisation’s ownership structure, parent‑subsidiary relationships, or equity holdings is not explicit in the provided sources, so such details cannot be confirmed or elaborated upon. Consequently, the profile focuses solely on the verifiable aspects of its function, operational context, notable characteristics, and structural notes that are directly supported by the available information.
