A major electricity supplier in South Africa’s largest city has suffered a ransomware attack, leaving some residents without power. City Power revealed on Thursday (25/07/2019) that its IT systems had been shut down. “It has encrypted all our databases, applications and network,” the company tweeted, referring to the virus. City Power’s website remains offline and residents have reported problems via social media with their electricity supplies.
The ransomware attack initially affected customers’ ability to buy pre-paid electricity and also hampered the firm’s efforts to respond to localised blackouts. A spokesman for City Power told the BBC that more than a quarter of a million people might have been affected.
“These are the people on pre-paid system[s] and would at any given day buy electricity,” he said. “Those people were not able to access the system.” Ransomware is a type of malware that infects computers and encrypts or locks files and systems. Attackers say they will restore access once a payment is made – but there is no guarantee that they will do so. The City of Johannesburg, which owns the electricity company, said that most IT systems had now been restored.
However, city officials acknowledged that there were still problems and said customers could log faults on an alternative website. “Customers should not panic as none of their details were compromised,” read a tweet posted by the city’s official Twitter account. “We apologise for the inconvenience caused to the people of the City of Joburg.”