Entega, FES, Mainzer Stadtwerke: IT service provider is blackmailed by hackers | hessenschau.de

Darmstadt-based energy supplier Entega and Stadtwerke Mainz reported hacker attacks on their systems over the weekend. This also applies to the Frankfurt waste disposal company FES. According to the Hessian Ministry of the Interior, the joint IT service provider is being blackmailed.

The IT attack on the joint service provider of the Darmstadt Entega energy provider and the utility company in Mainz also affects the Frankfurt FES disposal and service group.

As reported by FES on Monday, all servers connected to the service provider have been disconnected and the connection to the service provider has been cut. Consequently, this has no impact on customer data or on your own FES systems.

The disposal and cleaning of the streets can therefore be carried out in line with the present situation. The MHKW waste-to-energy plant also operates without restrictions. However, digital administration of standard processes fails – online registration of new bulky waste orders and access to the customer portal are therefore not possible. Orders can only be accepted by e-mail, fax or telephone.

Entega: Critical Infrastructure Protection

Previously, it was known that the Entega’s website and mail server had been unavailable since Sunday. According to the company, about 2,000 employees and the company’s websites are affected. One of them is a “victim of a criminal hacking attack”. The attack took place on Sunday evening. The consequences are expected to be felt for several days.

According to the company, the so-called critical infrastructure that Entega operates along with its electricity, gas and water networks is separately protected and not affected by it. “There is no risk of supply failure,” said a spokesman. According to the current status, the attack does not affect any customer data.

ENTEGA AG Victim of a criminal hacking attack – no impact on critical infrastructure and customer data. Employee websites and email accounts are currently unavailable. We are working on countermeasures.

[zum Tweet]

The city of Darmstadt added on Monday that the attack also hit the real estate management company Bauverein and the transport company Heag – both based in Darmstadt. Mayor Jochen Partsch (Greens) explained that local public transport will continue to run without restrictions.

The Mainzer Stadtwerke website and email server are also inactive, as the company announced on Sunday evening. Among other things, the Mainz Mobility websites and the Taubertsbergbad swimming pool as well as internal e-mail servers are not accessible. The so-called critical infrastructure that Mainzer Stadtwerke operates with its electricity, gas and water networks is protected separately and is not affected by it.

Cyber ​​experts of the Ministry of the Interior: blackmail attack

The attacked IT service provider, Darmstadt-based Count + Care GmbH, asked cybersecurity experts from the Hessian Ministry of the Interior for support, a ministry spokesman said on Monday in response to a request by hr. It’s a ransomware attack.

The English word “ransom” means “ransom.” Such malware can encrypt and prevent access to information systems. Then a ransom is demanded for the release. A spokesman for the ministry did not answer questions on details such as the size of any ransom demands.

Experts from the Ministry of Internal Affairs already on Sunday supported and advised IT service providers “in making data backups and forensic evaluation”.


Hessenschau update – newsletter for Hesse

end of mold

Further information

End of further information

Leave a Comment