This article is more than 1 year old

South Africans shivering in the dark after file-scrambling nasty hits Johannesburg power biz

City says no data stolen in ransomware outbreak, some prepaid punters without 'leccy

The city of Johannesburg in South Africa is battling to get electricity to some customers left in the dark by a ransomware infection.

Utility company City Power today confirmed news reports that file-scrambling malware had invaded and knackered its systems.

That infection basically prevents pre-paid customers from refilling their accounts, and therefore leaves them without electricity if their account balance falls too low.

The city government did not provide details on the type of ransomware that hit the power company, but said that customer information was not accessed in the attack.

"Customers should not panic as none of their details were compromised," the city said in an update posted Thursday afternoon.

"We apologise for the inconvenience caused to the people of the City of Joburg. Please be patient with us, we expect to have everything back in order by the end of Thursday."

The city went on to say that it was already in the process of restoring computers hit by the ransomware, although invoicing and fault logging systems were taking additional time to recover.

The infection comes as Johannesburg is in the middle of a cold snap amidst the South African winter. The utility reported earlier this week that it was experiencing capacity constraints as customers used more electricity to keep warm.


Biz tells ransomware victims it can decrypt their files... by secretly paying off the crooks and banking a fat margin


Johannesburg is far from alone in the ranks of cities to fall victim to ransomware attacks. In the US, the city of Baltimore suffered outages at multiple departments earlier this year when a massive ransomware outbreak spread through its network.

Later in the summer, a Georgia state court office had to take some of its recordkeeping services offline in order to address a malware infection that was holding some of its systems for ransom.

More recently, at least one person in the IT department of Lace City, Florida was out of a job after officials caved in and paid the Bitcoin demand from ransomware operators in that city.

While law enforcement groups say it is never advised to pay a ransomware demand, experts note that in some cases it can make more sense for a company to at least consider opening a dialogue with the attackers. ®

More about


Send us news

Other stories you might like