Swedish electricity transmission operator Svenska kraftnät is investigating a data breach connected to the Everest ransomware group. The attackers claim to have accessed sensitive information through a compromised external file-transfer system, though core operational systems that control the national grid remain unaffected. The breach appears limited to data related to administrative or non-critical infrastructure, and the organization has initiated an internal investigation while cooperating with law enforcement to determine the full extent of exposure.

Everest has publicly claimed responsibility for the attack and has threatened to leak the stolen information if demands are not met. While no operational disruptions have been observed, the incident underscores increasing cyber risk to energy sector organizations, where even partial data theft can have significant security implications. The case highlights the growing use of ransomware groups targeting critical infrastructure not only for financial gain but also for leverage in public extortion campaigns.

‍

Source: https://industrialcyber.co/utilities-energy-power-water-waste/svenska-kraftnat-investigates-data-breach-linked-to-everest-ransomware-group/