Breivika Eiendom
| Primary URL | Location | Industry | Undetermined |
Country
Norway
|
Infrastructure - Dams
|
|---|
Profile
Breivika Eiendom is an organisation also known by its alias Breivika Eiendom. Its headquarters is located in Norway. The available sources do not specify the organisation's core products or services. Likewise, the sources do not describe its scope, markets served, or notable footprint. No explicit information is provided about its size, reach, or organisational structure such as ownership or parent/subsidiary relationships. Consequently, any description of its specialisation, regulatory role, sector positioning, or competencies cannot be derived from the given material. The only confirmed attribute from the sources is its Norwegian base and the alias used. This limited disclosure means that further details about its business activities remain undetermined from the provided information. The organisation is referenced in connection with a cybersecurity incident involving critical infrastructure. Despite the lack of business description, the incident provides a concrete point of reference for the organisation's involvement in operational technology environments.
On 7 April 2025, Breivika Eiendom discovered that hackers had breached the control systems of the Lake Risevatnet dam. The attackers forced the water valve to open fully and keep it open for several hours before detection. The unauthorized release added approximately 497 litres per second to the river flow. Officials noted that this volume remained well below the riverbed’s capacity of up to 20,000 litres per second. Authorities including the Norwegian National Security Authority, the Norwegian Water Resources and Energy Directorate, and Kripos were notified. An investigation into the breach was launched following the discovery. Investigators suspect that the breach resulted from a weak password on the valve’s web‑accessible control panel. This weak password allowed attackers to bypass authentication and gain direct access to the operational technology environment. The incident highlights the vulnerability of critical infrastructure to cyber threats stemming from inadequate credential management. As of the date of the sources, the investigation was ongoing and no further details about mitigation or attribution had been publicly disclosed.
