lockbit3 attacks Eneva

Incident Date:

September 5, 2022

World map



lockbit3 attacks Eneva






Rio de Janeiro, Brazil

Janeiro, Brazil

First Reported

September 5, 2022

Eneva, a Major Energy Operator, Suffers Ransomware Attack

Eneva, the largest private natural gas operator in Brazil, has been targeted by the ransomware group Lockbit3. The attack was announced on the group's dark web leak site. Eneva operates in the Energy, Utilities & Waste sector, with assets located in the states of Amazonas, Maranhão, Mato Grosso do Sul, and Goiás.

Eneva is renowned for generating secure and competitive energy for Brazil, boasting a thermal power capacity of 5.95 GW. The company is committed to developing custom solutions tailored to the specific needs of each client, leveraging its extensive experience and market relationships in the energy and natural gas sector.

The significance of Eneva's size as the largest private natural gas operator in Brazil cannot be overstated. However, specific details regarding the company's size and financials are not readily available.

The ransomware attack on Eneva is indicative of a broader trend of cyber threats targeting critical infrastructure and energy providers. There has been an increase in the frequency of ransomware attacks, accompanied by rising ransom demands. Although cyber insurance can offer financial protection and operational support in the aftermath of an attack, the prevalence of ransomware has negatively impacted cyber insurers' underwriting performance.

The Lockbit3 ransomware group, known for targeting various sectors including energy and utilities, focuses on larger organizations. The group utilizes its leak site to publish stolen data from its targets, threatening to release all data if the victim refuses to negotiate.

While specific vulnerabilities that made Eneva a target for threat actors are not detailed, the company's prominence and role in the energy sector render it an attractive target for cybercriminals aiming to disrupt operations or extort financial gains.

In response to the growing threat of ransomware attacks, the Geneva Association has released a report on ransomware insurance market perspectives. This report highlights the challenges and economic externalities associated with ransomware, as well as the role of cyber insurance in enhancing cybersecurity and socio-economic resilience.

Details regarding the specific impact of the ransomware attack on Eneva, such as the extent of data breaches or the nature of the stolen information, have not been disclosed. Eneva has yet to release a public statement about the attack or its response to the incident.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.