TZUTC: -0500   
   MSGID: 1639.consprcy@1:2320/105 2d66097c   
   PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   FORMAT: flowed   
   Sweden power grid confirms cyberattack, ransomware suspected   
      
   Date:   
   Tue, 28 Oct 2025 12:02:00 +0000   
      
   Description:   
   Everest is claiming responsibility and says it stole hundreds of gigabytes of   
   files.   
      
   FULL STORY   
      
   Svenska kraftnt, Swedens national grid operator, has confirmed suffered a   
   ransomware attack and a data breach, and is now being extorted for money.    
      
   In a short announcement published on its website, the firm said it was now   
   investigating, to find out what information has leaked and how it might    
   affect us.    
      
   We see no indications that the power system is affected, Cem Gcgren, Head of   
   Information Security at Svenska kraftnt, said in a machine-translated   
   statement.   
      
   Everest    
      
   Svenska kraftnt is Swedens national grid operator, a government agency   
   responsible for maintaining and operating the countrys electricity   
   transmission system.    
      
   Our current assessment is that mission-critical systems have not been   
   affected, Gcgren said. At this time, we are not commenting on perpetrators or   
   motives until we have confirmed information.    
      
   While it did not discuss who the threat actors were, what type of files they   
   stole, or how much money they are demanding in return, The Record found a   
   group called Everest had claimed responsibility on the dark web, saying it   
   stole around 280 GB of internal files, without going into any specific   
   details.    
      
   Everest is a known ransomware organization, but it does not have an image of    
   a dangerous group.    
      
   In fact, it became a laughing stock of the cybersecurity community after   
   breaking into Mailchimp in 2024, as it stole such a small batch of company   
   data (around 767 MB of information).    
      
   One person shared their thoughts on social media, describing the breach as   
   affecting like, one customer, while the other commented the breach was,   
   probably 300 milliseconds worth of mailchimp data. Likely a client of a   
   clients emails were leaked.    
      
   Everest is not a state-sponsored group, but since its members speak Russian,   
   security researchers believe the group is located there.    
      
   ======================================================================   
   Link to news story:   
   https://www.techradar.com/pro/security/sweden-power-grid-confirms-cyberattack-   
   ransomware-suspected   
      
   $$   
   --- SBBSecho 3.28-Linux   
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700   
   SEEN-BY: 226/30 227/114 229/110 111 206 300 307 317 400 426 428 470   
   SEEN-BY: 229/664 700 705 266/512 291/111 320/219 322/757 342/200 396/45   
   SEEN-BY: 460/58 633/280 712/848 902/26 2320/0 105 304 3634/12 5075/35   
   PATH: 2320/105 229/426