Breivika Eiendom

Risevatnet, also known by its alias, is associated with the Lake Risevatnet dam located in southwestern Norway. The organisation's headquarters are situated in Norway. Risevatnet oversees the control system that regulates water flow from the dam's reservoir. The dam is owned by Breivika Eiendom, which is identified as the owner in incident reports. The control system includes a web‑accessible panel used to operate operational technology components. This setup allows authorised personnel to adjust valve positions and manage discharge rates.

On 7 April 2025, unidentified hackers exploited a weak password protecting the web‑accessible control panel, gaining unauthorised access to the dam's control system. The attackers forced open the dam's water valve fully, maintaining the open position for approximately four hours. During this period, the valve discharged roughly 497 litres of water per second. Norwegian authorities, including the National Security Authority, the Water Resources and Energy Directorate, and the police special unit Kripos, launched an investigation into the breach. Investigators determined that the riverbed downstream could accommodate much larger volumes, so the extra flow did not pose a danger to surrounding areas. The incident highlighted the importance of strong authentication mechanisms for industrial control systems managing critical infrastructure.