Extra Bytes, Information Security

Mississippi Electric Utility Confirms Security Breach

Over 20,000 affected.

Emily Hill

Contributing Writer

Save

A cyberattack on Yazoo Valley Electric Power Association last summer resulted in a data breach affecting over 20,000 residents across six Mississippi counties. The utility initially cited software issues when it experienced payment processing problems in August but later confirmed that unauthorized actors had accessed sensitive files.

The full scope of the breach was determined by October, though affected individuals were not identified until December.

While the utility did not disclose the specific data compromised, a ransomware gang known as Akira later claimed responsibility, stating they had stolen Social Security numbers and company financial records. The FBI has linked Akira to numerous attacks targeting critical infrastructure, netting the cybercriminals $42 million from around 250 breaches since its emergence in 2023.

Why It Matters: Cyberattacks on utilities pose significant risks to both infrastructure and customer security. This breach highlights ongoing vulnerabilities in critical services and the increasing threat posed by ransomware gangs like Akira. It also raises concerns about the timely notification of affected individuals and how utilities handle cybersecurity incidents.

Delayed Disclosure & Investigation: Yazoo Valley Electric detected the breach on August 26 but only finalized its review by October 24, with affected individuals identified by December 20.

Customer Data Compromised: While specific details were redacted, hackers claim to have stolen Social Security numbers and company financial records.

Akira Ransomware Gang Involvement: The cybercriminal group, active since March 2023, has extorted millions through attacks on critical infrastructure and major corporations.

Service Disruption: Payment processing systems were affected for several days, underscoring the operational impact of cyberattacks on essential utilities.

Identity Protection Offered: The 20,997 affected customers are receiving one year of free identity protection services as a precaution.

Go Deeper -> Mississippi electric utility warns 20,000 residents of data breach – The Record

Mississippi electricity provider breach hits over 20K – SC Media

Save

February 5, 2025

☀️ Subscribe to the Early Morning Byte! Begin your day informed, engaged, and ready to lead with the latest in technology news and thought leadership.

☀️ Your latest edition of the Early Morning Byte is here! Kickstart your day informed, engaged, and ready to lead with the latest in technology news and thought leadership.