Incransom has launched a ransomware attack against Tonga Power Limited, a key energy provider in Tonga, disrupting critical services in the region. This incident highlights the vulnerability of Tonga’s energy infrastructure to cyber threats, with the impact concentrated in Tonga.
Incident Details
- Victim: https://www.tongapower.to/
- Country: TO
- Actor: incransom
- Source: http://incblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onion/blog/disclosures/68e83ea6fa0b6f4bdf39ab61
- Discovered: 2025-10-09 23:14:02.654151
- Published: 2025-10-09 10:00:00.000000
Information
- Ransomware attack targeted Tonga Power Limited (TPL), the main electricity provider in Tonga.
- Actor responsible for the attack identified as Incransom.
- Founded in July 2008, TPL operates as the concessionaire within Tonga’s electricity regulation regime.
- Provides generation, distribution, and sales of electricity across Tongatapu, Vavaú, Haápai, and Éua.
- Core mission: to reduce Tonga’s vulnerability to oil price shocks and improve access to modern energy services sustainably.
- Strives for financial sustainability and aligns with the government’s vision for a sustainable energy sector.
Disclaimer: This post is based on public claims made by the ransomware group "incransom". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.