REvil Claims Responsibility for Invenergy Hack

Ransomware group REvil has claimed responsibility for a recent cyber-attack on a multinational renewable energy company based in the United States.

Invenergy LLC, which is headquartered in Chicago, launched an investigation after unauthorized activity was detected on some of its systems.

In a statement issued on Friday, the company said that "At no time were Invenergy's operations impacted, and no data was encrypted." 

Invenergy added that it was complying with data breach disclosure regulations and that it "has not paid and does not intend to pay any ransom.”

Ransomware group REvil declared on its dark website that it had carried out the cyber-attack on Invenergy. The gang claims to have compromised the company's computer systems and exfiltrated four terabytes of data. 

Among the information allegedly taken by REvil are contracts and project data. The gang further claims to have obtained "very personal and spicy" information regarding Invenergy's chief executive officer, Michael Polsky. 

REvil says it has accessed Polsky's personal emails, sensitive details about his divorce from his first wife, Maya, and photographs in which the billionaire magnate is compromised. 

According to Forbes, Polsky emigrated from Soviet Ukraine to the United States in 1976 after building up a fortune of $1.5bn. His divorce in 2007 was reported as one of the most expensive in history after a judge awarded Maya half of Polsky's cash and assets.

REvil's victims include meat-processing company JBS and the Taiwanese Apple supplier Quanta.

The cyber-criminal gang has also claimed responsibility for a recent cyber-attack on Sol Oriens, a 50-person firm based in Albuquerque, New Mexico, which consults for the US Department of Energy’s National Nuclear Safety Administration.

The firm confirmed to CNBC that it detected a "cybersecurity incident" in May. Sol Oriens said that the matter is still under investigation and has been reported to law enforcement. 

In a statement, the company said that "an unauthorized individual acquired certain documents from our systems. Those documents are currently under review, and we are working with a third-party technological forensic firm to determine the scope of potential data that may have been involved.”

What’s Hot on Infosecurity Magazine?