Empresas Públicas de Medellín

EPM is a major Colombian public utility provider headquartered in Colombia. It delivers essential utility services to customers across the country. The organization also operates prepaid energy services, which were specifically referenced in the 2022 cyber incident. EPM manages critical infrastructure such as the Ituango Central facility, a key generation asset. It serves a broad customer base that relies on its utility services for daily operations. The utility maintains customer service portals and internal IT systems to support billing, service requests, and operational monitoring.

EPM’s distinguishing attributes include its focus on prepaid energy solutions and its responsibility for large‑scale generation assets like the Ituango Central facility. As a publicly owned enterprise of Medellín, it is owned by the municipality of Medellín. The organization’s scale is reflected in its management of numerous internal devices and IT systems that support both operational technology and corporate functions. In response to the December 2022 BlackCat ransomware attack, EPM activated a crisis committee involving external cybersecurity experts and law enforcement to investigate the breach. The incident highlighted EPM’s capability to coordinate a rapid response while striving to maintain essential utility services despite disrupted IT infrastructure. The attack also revealed the use of ExMatter data‑theft tools, indicating that EPM’s internal networks were targeted for both operational sabotage and data exfiltration. EPM combines public utility provision with critical infrastructure management and a structured approach to cybersecurity incident response.