Ignitis grupe

History

2024: Cyberattack that stopped charging electric vehicles in Lithuania

On February 11, 2024, it became known that in Lithuania approximately 30 thousand electric vehicles were left without charging due to a hacker attack on the Ignitis ON service, owned by the Lithuanian state group of companies in the electric power sector Ignitis grupė. As a result of cyber intrusion, personal data of system users was stolen.

According to the Telegram channel Mash, the attack was carried out by the hacker group Just Evil (formerly KillNet). The attackers gained access to the Ignitis grupė control system, which is engaged in the production of electricity, its distribution and provision of services throughout the Baltic states, as well as in Finland and Poland. Cybercriminals promise to post the stolen data and keys of users of the Ignitis ON platform on the Internet, and then "block access to charging stations forever."

𝓲

LRT

The Sputnik resource reports that due to the cyber attack, many Ignitis ON users were disconnected from the mobile application, could not charge the electric car, and access to the company's chargers in all of Lithuania was blocked. Just Evil hackers in their Telegram channel said that every 10 minutes they remove grupė thousand people from the Ignitis system.

Hackers, as suspected, gained unauthorized access to the data of our electric vehicle charging system, which operates in the cloud, and from there stole about 20 thousand customer data - names, surnames, email addresses, a list of user authentication tokens (RFID), - said the head of the electric vehicle department Ignitis Eimantas Balta.

It is emphasized that the system did not store and did not steal information related to payments, in particular, account data, bank cards and personal codes. The personal information of customers of other Ignitis services was also not affected.^[1]

Notes