{ "id": "0fcfeedc-77b7-40fe-b3b1-e13bddbaaaeb", "created_at": "2026-04-06T00:22:17.700907Z", "updated_at": "2026-04-10T13:12:01.246771Z", "deleted_at": null, "sha1_hash": "7fc160ab80c0d50f110b28ec4d6254f00719f70e", "title": "LockBit ransomware gang hit the Commission des services electriques de Montréal (CSEM)", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 1407960, "plain_text": "LockBit ransomware gang hit the Commission des services\r\nelectriques de Montréal (CSEM)\r\nBy Pierluigi Paganini\r\nPublished: 2023-09-03 · Archived: 2026-04-05 21:45:46 UTC\r\n Pierluigi Paganini September 03, 2023\r\nhttps://securityaffairs.com/150247/cyber-crime/lockbit-ransomware-csem.html\r\nPage 1 of 5\n\nThe LockBit ransomware gang claims to have breached the Commission des\r\nservices electriques de Montréal (CSEM).\r\nhttps://securityaffairs.com/150247/cyber-crime/lockbit-ransomware-csem.html\r\nPage 2 of 5\n\nThe LockBit ransomware group continues to be one of the most active extortion gangs in the threat landscape.\r\nThis week the gang claimed to have hacked the Commission des services electriques de Montréal (CSEM).\r\nThe Commission des services électriques de Montréal (CSEM) is a public agency responsible for the\r\nundergrounding of electrical wires in the city of Montreal, Quebec, Canada. It was created in 1910 by a\r\npartnership between the city and the private sector.\r\nThe CSEM’s mission is to provide a safe, reliable, and sustainable underground electrical network for the city of\r\nMontreal. The main activities carried out by the organization are planning and coordinating the undergrounding of\r\nelectrical wires, managing and maintaining the underground electrical network, and providing information and\r\neducation about underground electrical networks.\r\nCSEM confirmed the security breach, the company confirmed the attack took place on August 3rd, 2023. The\r\nCanadian company confirmed that it has refused to pay the ransom.\r\nThe organization immediately launched an investigation into the security breach with the help of law enforcement\r\nin Quebec. At the time of this writing, CSEM has recovered impacted systems.\r\nhttps://securityaffairs.com/150247/cyber-crime/lockbit-ransomware-csem.html\r\nPage 3 of 5\n\nThe LockBit ransomware group published the stolen data on August 30, 2023.\r\nhttps://securityaffairs.com/150247/cyber-crime/lockbit-ransomware-csem.html\r\nPage 4 of 5\n\nThe organizations attempted to downplay the impact of the security breach explaining that CSEM projects are the\r\nsubject of public documents.\r\n“It should be noted that all CSEM projects are the subject of public documents. Therefore, all these plans –\r\nengineering, construction and management – are already publicly available through the official process offices in\r\nQuebec.” states the company.\r\nSince August 1st, the LockBit 3 operation has already hit 140 organizations worldwide.\r\nFollow me on Twitter: @securityaffairs and Facebook and Mastodon\r\nPierluigi Paganini\r\n(SecurityAffairs – hacking, Lockbit 3.0)\r\nSource: https://securityaffairs.com/150247/cyber-crime/lockbit-ransomware-csem.html\r\nhttps://securityaffairs.com/150247/cyber-crime/lockbit-ransomware-csem.html\r\nPage 5 of 5", "extraction_quality": 1, "language": "EN", "sources": [ "ETDA" ], "origins": [ "web" ], "references": [ "https://securityaffairs.com/150247/cyber-crime/lockbit-ransomware-csem.html" ], "report_names": [ "lockbit-ransomware-csem.html" ], "threat_actors": [ { "id": "aa73cd6a-868c-4ae4-a5b2-7cb2c5ad1e9d", "created_at": "2022-10-25T16:07:24.139848Z", "updated_at": "2026-04-10T02:00:04.878798Z", "deleted_at": null, "main_name": "Safe", "aliases": [], "source_name": "ETDA:Safe", "tools": [ "DebugView", "LZ77", "OpenDoc", "SafeDisk", "TypeConfig", "UPXShell", "UsbDoc", "UsbExe" ], "source_id": "ETDA", "reports": null } ], "ts_created_at": 1775434937, "ts_updated_at": 1775826721, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/7fc160ab80c0d50f110b28ec4d6254f00719f70e.pdf", "text": "https://archive.orkl.eu/7fc160ab80c0d50f110b28ec4d6254f00719f70e.txt", "img": "https://archive.orkl.eu/7fc160ab80c0d50f110b28ec4d6254f00719f70e.jpg" } }