Sweden’s state-owned power grid operator Svenska kraftnät has confirmed that it suffered a cyberattack leading to a data breach, though the country’s electricity supply remains unaffected.
Svenska kraftnät operates 17,500 kilometers of transmission lines and owns 28% of the Nord Pool power exchange, which serves much of Europe.
The incident was discovered on Saturday and involved an isolated external file transfer system, according to the company. The power grid and other critical systems have not been impacted, the company said.
The company is working to assess the full scope and impact of the breach and has reported the incident to the relevant authorities. Due to the ongoing investigation, Svenska kraftnät is not disclosing further details about the attack or those responsible.
The disclosure came shortly after the Everest ransomware group listed Svenska kraftnät on its Tor-based leak site, claiming responsibility for the breach. The group alleges it stole around 280 gigabytes of data and has threatened to leak the information unless its demands are met. The nature of the stolen data remains unclear.
The Everest group, active since December 2020, is known for double extortion tactics, which involves stealing data before threatening to publish it unless a ransom is paid. The group recently claimed responsibility for a cyberattack on Collins Aerospace, which disrupted operations at several major European airports.