The group of hackers who hacked K-Electric’s website through targeted ransomware has threatened to leak confidential data after the final deadline given to the Karachi’s sole electricity supplier expired yesterday.
K-Electric has access to sensitive information such as customers’ names, addresses, CNICs, NTNs, credit cards, and bank accounts details. Hackers can sell this data on the dark web, leaving millions of K-Electric consumers vulnerable to online threats.
On 7 September, K-Electric had suffered a targeted Netwalker ransomware attack, resulting in the suspension of billing and online services of the company.
Initially, the Netwalker gang had demanded a $3.5 million ransom from K-Electric, an amount which was increased to $7 million after a week.
Important functions of the K-Electric’s website including the company’s internal communication, correspondence with banks, and email service are disabled since the 7 September ransomware attack.
K-Electric had acquired the services of international information security experts after the hacking incident to reclaim its website from hackers.
The electricity supplier had also lodged a complaint with the Federal Investigation Agency (FIA) regarding the hacking incident.
It is worth mentioning here that K-Electric had also come under a cyber attack in August 2018.