Broadband provider OzarksGo over the weekend notified about 4,500 customers of an October 7, 2024 cyber attack that disrupted TV service in Northwest Arkansas and Northeast Oklahoma. The linear TV outage is still ongoing as of time of writing.
“Due to the nature of the incident, the service impact is ongoing and expected to continue for an extended period of time,” OzarksGo says in a statement on its website. “An ongoing investigation has not identified evidence that any sensitive customer personal or financial information was compromised.”
Ransomware gang Play claimed responsibility for the attack on October 15, 2024, saying it stole “private and personal confidential data, clients documents, budget, payroll, and contracts.” Play demanded a ransom be paid by October 19, threatening to publish the stolen data if its demands are not met. OzarksGo has not verified Play’s claim.
OzarksGo is offering affected customers a month of free streaming TV service and internet service.
We do not yet know whether OzarksGo paid a ransom, how much Play demanded, or how attackers breached OzarksGo’s network. Comparitech contacted OzarksGo for comment and will update this article if it responds.
Who is Play Ransomware?
Like most ransomware gangs today, Play is known for double-extortion attempts that force victims to pay twice: once to decrypt systems, and again in exchange for not selling or publicly releasing stolen data.
Comparitech researchers logged 36 confirmed ransomware attacks claimed by Play in 2024 so far. It claimed another 242 attacks this year that haven’t been acknowledged by victims.
OzarksGo is not the first utility company targeted by Play this year. The group also attacked LS Networks in April and Texas Electric Cooperatives in June.
Ransomware attacks on US utilities
Ransomware attacks on US utilities can disrupt critical services for customers by encrypting a utility’s computer systems so they can no longer be used until a ransom is paid to decrypt them. In addition to crippling service, ransomware attacks also often steal confidential data that is used to extort targeted organizations for even more money.
In 2024 so far, we tracked nine confirmed ransomware attacks on US utilities, which is more than all of last year (7 attacks in 2023). These attacks affected about 800,000 records, which is more than double the 325,000 records compromised in all of 2023.
In addition to the aforementioned companies, other confirmed ransomware attacks on American utility companies in 2024 include: Veolia North America, Muscatine Power and Water, Encina Wastewater Authority, Frontier Communications Parent, Secure Energy Solutions, and Halliburton. The attack on Frontier Communications saw nearly 752,000 records affected.
We recorded another 29 such attacks that were claimed by ransomware gangs but not acknowledged by targeted organizations. Seven of those were claimed by Play.
About OzarksGo
OzarksGo is a fiber broadband internet, TV, and phone provider in Northwest Arkansas and Northeast Oklahoma. It’s a subsidiary of Ozarks Electric Cooperative, and electric utility company in the same region. OzarksGo serves more than 40,000 customers, according to its website.