Colombian Utility, EPM, Suffers Ransomware Attack

January 2, 2023

INCIDENT

Colombian energy company Empresas Públicas de Medellín (EPM) suffered a BlackCat/ALPHV ransomware attack, which ended up affecting financial operations and taking down online services. EPM is one of Colombia’s largest public energy, water, and gas providers.

The company's information was decrypted, the alternate Data Center was affected, and analysis indicated a 25% contagion of the infrastructure; in addition, additional loss of information is still being studied.

The company, which provides services to 123 municipalities, closed its customer service offices and asked 4,000 employees to work from home as a preventative measure. The same day they indicated that "fortunately the provision of energy, water and gas services was not affected." EPM provided alternative methods for customers to pay for services.

Reports claim that a sizeable amount of data was stolen and around 40 devices were compromised during the attack, but the organization has yet to comment on these claims.

Incident Date

December 13, 2022

Location

Colombia

Estimated Cost

Unknown at this time

Type of Malware

Threat Source

No threat source identified