Sweden power grid confirms cyberattack, ransomware suspected
- Svenska kraftnät hit by ransomware; 280 GB of internal data reportedly stolen
- Power system remains unaffected; investigation into data leak is ongoing
- Everest group claimed responsibility; believed to be Russian-speaking, not state-sponsored
Svenska kraftnät, Sweden’s national grid operator, has confirmed suffered a ransomware attack and a data breach, and is now being extorted for money.
In a short announcement published on its website, the firm said it was now investigating, “to find out what information has leaked and how it might affect us.”
“We see no indications that the power system is affected,” Cem Göcgören, Head of Information Security at Svenska kraftnät, said in a machine-translated statement.
Everest
Svenska kraftnät is Sweden’s national grid operator, a government agency responsible for maintaining and operating the country’s electricity transmission system.
“Our current assessment is that mission-critical systems have not been affected,” Göcgören said. “At this time, we are not commenting on perpetrators or motives until we have confirmed information.”
While it did not discuss who the threat actors were, what type of files they stole, or how much money they are demanding in return, The Record found a group called Everest had claimed responsibility on the dark web, saying it stole around 280 GB of internal files, without going into any specific details.
Everest is a known ransomware organization, but it does not have an image of a dangerous group.
In fact, it became a laughing stock of the cybersecurity community after breaking into Mailchimp in 2024, as it stole such a small batch of company data (around 767 MB of information).
One person shared their thoughts on social media, describing the breach as affecting “like, one customer”, while the other commented the breach was, “probably 300 milliseconds worth of mailchimp data. Likely a client of a client’s emails were leaked.”
Everest is not a state-sponsored group, but since its members speak Russian, security researchers believe the group is located there.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
Svenska kraftnät hit by ransomware; 280 GB of internal data reportedly stolen Power system remains unaffected; investigation into data leak is ongoing Everest group claimed responsibility; believed to be Russian-speaking, not state-sponsored Svenska kraftnät, Sweden’s national grid operator, has confirmed suffered a ransomware attack and a data breach, and is…
