Latest update on Cyber attack

Modified on Thu, 20 Oct 2022 at 04:03 PM



How to contact us?

A request can be submitted via our customer platform and we are also reachable via our phone number 02 523 40 60.

Most frequent asked questions on the cyber attack.

Click here. 

Status 20 October 2022

Due to a cyber attaque we are relaunching our services step by step. Concerning the Webportal for building owners there is only one functionality that still needs to be fixed:

  • Warnings on meter level (no consumption or suspicion of malfunctioning of the mixer tap)

We are doing are very best to get this back online as well. 

Status 21 September 2022

Dear client,

It has taken long enough, but things are moving in the right direction after the July cyber-attack. We have gradually regained full access to all our IT platforms and services.


All consumption data from our heat cost allocators, water meters were correctly, continuously, and accurately received throughout this period. No consumption data were lost at any time.  


Since this week, we have also restarted preparing your annual billing and are working at full speed to catch up with the backlogs.


Our Call Centre is as usual available via our general telephone number 02 523 40 60 and the usual webpage.  Our technicians are back on the road reading meters, carrying out installations and replacements.

We are currently still working on the final obstacles and expect all systems to be operational and stable from the beginning of next week.  

We apologise sincerely in advance for these difficult weeks and thank you for your understanding, patience, and trust.

Status 22 August 2022

The measurement of consumption is and will remain uninterrupted, the measured values are accurate and are passed on to us correctly. No values have been lost, so every customer will receive an annual statement.

Our Call Center is available to our customers as usual. Other previously limited technical services, such as our customer portal or our web services, are in the testing and verification phase after the repair. Based on the current progress, we are confident that we will soon be able to offer you our usual service again.

In addition to restoring the services, our focus is - as reported - on carefully examining the data package in connection with the attack released by the hacker group.

We have discovered that the attackers had, to a limited extent, also published personal data that we process on behalf of our customers in a small part of the markets in which we operate. Overall, however, it did not include any special categories of personal data as defined in the GDPR. We are currently informing the customers whose data was affected individually and in writing about the incident.

Status 11. August 2022

The recovery of our data and systems is progressing as planned. We are proceeding very carefully and at the same time implementing comprehensive protective measures with leading experts. We will do our best to reactivate individual services as quickly as possible.
Until then, we will stay reachable via our customer platform or via our phone number 02 523 40 60..

Our ongoing analyses, supported by proven IT forensics experts, have shown that the attackers were unable to access the functions of meters and measuring devices. Consumption recording therefore continues to run without restriction. No readings were or are being lost.

Currently, numerous other companies besides ista are reporting cyber attacks of various kinds. We are taking the increased threat as an opportunity to fundamentally review our already high security measures and to further increase the level of protection.
In addition, we closely monitor, with the support of external IT security experts, whether the criminal attackers are publishing data packets.

Today, we identified activity related to corporate data stolen from our servers. A data package related to the attack was published by a hacker group. Together with experienced forensic experts, we immediately initiated a comprehensive analysis of the data package to determine what data has been published. This is still ongoing and we expect further results of the analysis early next week.

If we discover that this involves data relating to our customers or employees, we will inform them in accordance with all contractual or legal requirements.

Status 29. July 2022

Dear ista customers,

currently, ista’s IT-System have been the victim of an external cyber-attack. As an immediate measure and to help prevent damage to our IT infrastructure, all potentially affected IT systems of the company have been taken offline. As a result, you will temporarily be limited or unable to use certain functions and services. We are very sorry for the inconvenience that this may cause you and ask for your continued patience as we try to resolve the issue.

We have informed the State Data Protection Authority and filed a report with the police. A specialist team of internal and external experts is currently conducting a thorough investigation of the incident and is working at full speed to remedy the disruption as quickly as possible. However, this may take some time.

We therefore continue to ask for your patience and hope for your understanding. Please be assured that we are taking the incident once again as an opportunity to review our extensive existing security measures in order to prevent similar attacks in the future.

Currently, we do not yet know what data the attackers obtained or what data has been accessed. All current information on the current status of the investigation and answers to the most important questions can be found here, which we are continuously updating, as soon as new information arises.

We hope to resume our usual services as soon as possible.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article