lockbit2 attacks Browns Ville Public Utilites

Incident Date:

March 7, 2022

World map



lockbit2 attacks Browns Ville Public Utilites


Browns Ville Public Utilites




BrownsVille, USA

Texas, USA

First Reported

March 7, 2022

Brownsville Public Utilities Board (BPUB) Ransomware Attack

Overview of the Incident

The Brownsville Public Utilities Board (BPUB), a community-owned utility providing Electric, Water & Wastewater services, has fallen victim to a ransomware attack by the Lockbit2 group. This incident was disclosed on the group's dark web leak site. Serving nearly 200,000 residents in Brownsville, Texas, BPUB is a significant entity in the Energy, Utilities & Waste sector.

Immediate Response and Impact

Reported in March 2022, the ransomware attack prompted BPUB to swiftly implement protective measures and launch an investigation into the breach. The most noticeable consequence for customers was a delay in the reflection of account balances, with online and phone payments requiring 24-48 hours to be credited. Despite these delays, BPUB has confirmed that all payments are being received and processed accordingly.

Investigation and Consultation

In the wake of the attack, BPUB is collaborating with external cybersecurity and data privacy experts to ascertain the full extent and impact of the breach. As of now, the specific data compromised remains unconfirmed by BPUB.

Ransomware Attacks: A Growing Trend

The Lockbit2 attack on BPUB underscores the escalating trend of ransomware attacks targeting both public and private sector organizations. These incidents are becoming increasingly common, posing significant threats to financial services, public utilities, and other critical infrastructure.

Proactive Measures and Customer Communication

Although BPUB has yet to issue a formal statement regarding the Lockbit2 ransomware attack, the utility has been proactive in managing the situation and maintaining open lines of communication with its customers. This incident highlights the critical importance of robust cybersecurity defenses and the need for organizations to remain vigilant against potential cyber threats.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.