Veolia North America Water Service Provider Hit by Ransomware Attack

Veolia North America faced a Ransomware Attack that caused disruptions to the bill payment systems. The Veolia ransomware attack forced the organization to shut down systems to contain the breach. 

---

Veolia North America, a subsidiary of the global conglomerate Veolia, has recently experienced a ransomware attack. This incident has specifically affected systems within its Municipal Water division, causing disruptions to its bill payment systems. Veolia North America is a prominent provider of water and wastewater services, serving approximately 550 communities and offering industrial water solutions at around 100 industrial facilities. Their extensive operations include the daily treatment of over 2.2 billion gallons of water and wastewater across 416 facilities in the United States and Canada. The transnational Veolia group has almost 213,000 employees globally and generated €42.9 billion in revenue in 2022, providing drinking water to around 111 million people and wastewater services to roughly 97 million. The same year, Veolia produced nearly 44 terawatt-hours of energy and treated 61 million metric tons of waste.

Veolia North America Took Immediate Measures to Contain the Breach

Upon detecting the attack, Veolia promptly responded by implementing defensive measures, including temporarily shutting down certain systems in order to contain the cyber-security incident. Veolia is actively collaborating with law enforcement agencies and engaging the expertise of third-party forensics experts to conduct a thorough assessment of the attack’s impact on its operations and systems. This partnership aims to gain a comprehensive understanding of the extent of the breach.

“In response to this incident, we implemented defensive measures, including taking the targeted back-end systems and servers offline until they could be restored. As a result, some customers experienced delays when using our online bill payment systems,” Veolia said in a statement.

Veolia has successfully restored the back-end systems and servers that were taken offline immediately after the ransomware attack. As a result, customers’ payments will not be impacted, and normal operations have resumed. Veolia is committed to ensuring minimal disruption to its customers’ payment processes.

“Any payments made during this event have been applied, and customer accounts should reflect the most updated information. Customers will not be penalized for late payments or charged interest on their bills due to this service interruption.”

Veolia Ransomware Attack Did Not Affect Water Treatment and Services

Fortunately, the ransomware attack on Veolia has not affected its water treatment operations or wastewater services. These critical functions remain unaffected, ensuring the continued provision of reliable services to its customers. Veolia has taken appropriate measures to safeguard the integrity and continuity of its essential operations amidst the attack.

“This incident seems to have been confined to our internal back-end systems at Veolia North America, and there is no evidence to suggest it affected our water or wastewater treatment operations,”

Personal Information of Some Individuals Compromised in the Veolia Ransomware Attack

Veolia North America has identified a small number of individuals whose personal information may have been affected by the breach. The company is partnering with a reputable third-party forensics firm to conduct a comprehensive evaluation of the attack’s impact on its operations and systems. To address the growing concern of such attacks, the U.S. cybersecurity agency had previously released a free security scan program in September. This program is specifically designed for critical infrastructure facilities, including water utilities, to help them identify potential security vulnerabilities and enhance the protection of their systems against similar cyber threats. The U.S. Water and Wastewater Systems (WWS) Sector has unfortunately experienced multiple breaches by various threat groups in recent years. These breaches involved the deployment of ransomware such as Ghost, ZuCaNo, and Makop. It is a concerning trend that highlights the vulnerabilities within the sector. Additionally, there have been other incidents of water facility breaches over the past two decades. These include the breach of a South Houston wastewater treatment plant in 2011, a water company with outdated software and hardware equipment in 2016, the Southern California Camrosa Water District in August 2020, and a Pennsylvania water system in May 2021. In light of the growing number of cyberattacks targeting the Water and Wastewater Systems (WWS) sector, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Environmental Protection Agency (EPA) recently collaborated to release an incident response guide.