Elexon, a company that settles payments between generators, suppliers and brokers, disclosed on Thursday that it was hit by a cyber attack that crippled its email server.
The lights didn't go off across the country as a result of the attack, but the company revealed in a statement on its website that its internal IT systems, email server and employee laptops were affected in the incident.
BSC central systems, the core IT systems used in the imbalance settlement process, and th subsidiary EMR continued to work as normal.
"We are currently working hard to resolve this. However please be aware that at the moment we are unable to send or receive any emails," the company said.
In an update, the company added that it had identified the root cause of the incident, and was working to restore its internal network and employee laptops.
The company refrained from discussing the nature of the cyber attack, although many experts believe that it could be ransomware, considering its impact, which caused employees to lose access to the company's email server.
In a tweet, the National Grid Electricity System Operator (ESO) said that the electricity supply was not affected as a result of the attack and that it was investigating potential impact on its own IT networks.
Elexon is an important 'middleman' in the UK electricity market. It facilitates payments in the electricity market, and works with Britain's National Grid Electricity System Operator (ESO) to keep the lights on. The company manages electricity demand and supply and also runs the balancing and settlement code (BSC) system.
In March, the firm was reported to have been running an unpatched Pulse Secure VPN server.
The cyber incident comes just two months after cyber attack on ENTSO-E, the power grid organisation responsible for managing the operations of high voltage power infrastructure in Europe.
In March, ENTSO-E said that its administrative IT systems were cracked in a cyber attack, although its operational transmission system operator (TSO) systems were not affected.
An assessment was performed following the cyber attack, and proper contingency plans were also put in place, according to ENTSO-E, to minimise the risk of further attacks.
Maze ransomware group published several screenshots on their website, showing directory listings from the company's systems
The company says it is working to restart affected systems using backup data
A favicon is the logo image of a website shown in browser tabs
Main customer accounts were not impacted, according to the company
Cyber attack in February rendered Council's website and many payment systems completely inoperable