Energy One Breached; Black Cat Strikes Seiko
Ongoing Investigations Underway
Overt Operator
August 22, 2023
The Australian software provider Energy One has confirmed falling victim to a cyberattack last week, prompting immediate investigations into the incident.
The company, listed on the Australian stock exchange, develops software catering to energy firms in Europe, the Asia-Pacific region, and the U.K. This attack affected systems in Australia and the U.K., with the company promptly notifying relevant authorities, including the Australian Cyber Security Centre.
Despite the confirmation of the attack, key details such as the hacker group responsible, the means of initial access, and potential exposure of customer data remain shrouded in uncertainty.
Energy One is actively working to identify any further systems that may have been compromised as a result of the breach. At the time of this report, the company refrains from disclosing additional information while the investigation unfolds.
Meanwhile, the BlackCat/ALPHV ransomware group has emerged as a significant player in the cyber threat landscape. This group recently added Seiko, a renowned watchmaker with a historic legacy, to its list of victims.
With a workforce of around 12,000 and an annual revenue surpassing $1.6 billion, Seiko disclosed a data breach on August 10, revealing that unauthorized access to parts of its IT infrastructure had occurred.
The breach had occurred earlier, with Seiko noting that an unidentified party gained unauthorized access to its servers on July 28, 2023. Subsequently, the company enlisted external cybersecurity experts to investigate the breach. Their findings indicated a breach, suggesting that certain information stored by Seiko and its affiliated group companies may have been compromised.
As part of its extortion tactics, the BlackCat ransomware gang claimed responsibility for the Seiko cyberattack, offering samples of allegedly stolen data as evidence. The group ridiculed Seiko's IT security measures and proceeded to release confidential technical schematics, watch designs, production plans, employee passport scans, new model release plans, and specialized lab test results.
Of particular concern is the indication that BlackCat may possess internal drawings showcasing Seiko's patented technology, presenting the potential to expose sensitive information to competitors and imitators.