Cyberincident at the Agency for Cooperation of Energy Regulators

The Agency for Cooperation of Energy Regulators (ACER) was the target of a cyberattack. The Agency launched a full investigation, in close cooperation with the Computer Emergency Response Team of the EU institutions, bodies and agencies (CERT-EU), to clarify the incident.

The investigation revealed an exploited vulnerability in the firewall that possibly allowed the attackers, although unconfirmed, to intercept unencrypted traffic flowing through the compromised device and gain access to the data it contained.

ACER's REMIT information systems, which contain REMIT data and LNG market data, have not been affected, however, a compromise was discovered in ACER's extranet, which was immediately taken offline for corrective action. The problem has now been fixed.