Ransomware victim disclosure
← All victimsEncina Wastewater Authority
Claimed by Blackbyte · listed 2 years ago
Status timeline
- ListedMar 13, 2024
- Data leakeddate unknown
At a glance
- Group
- Blackbyte
- Status
- Data leaked
- Country
- United States
- Sector
- Government
- Listed on leak site
- Mar 13, 2024
About the victim
AI dossier — public-source company profileEncina Wastewater Authority (EWA) is a public agency Joint Powers Authority established in 1961, owned by six public agencies serving over 379,000 residents across a 125-square-mile area in North San Diego County. Located in Carlsbad, California, EWA operates the Encina Water Pollution Control Facility with a treatment capacity of 43.3 million gallons per day, providing wastewater treatment and resource recovery services.
- Industry
- Water & Wastewater Treatment
- Address
- 6200 Avenida Encinas, Carlsbad, CA 92011
- Founded
- 1961
Attack summary
Severity: high — Critical infrastructure (water treatment facility serving 379,000+ residents) confirmed compromised by ransomware operator with published disclosure. Operational disruption to essential public utility poses significant risk to public health and environmental protection, even without explicit proof of data exfiltration stated in excerpt.Blackbyte claims to have attacked the Encina Wastewater Authority. The specific data exfiltrated or encryption status is not detailed in the available leak post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- operational records
- administrative systems
What the group claims
The Encina Wastewater Authority (EWA) is a public agency located in Carlsbad, California. EWA provides wastewater treatment services to more than 400,000 residents in northwestern San Diego County. EWA's facilities and services are essential for protecting the local ocean environment, preserving public health, and providing valuable water resources for the region. EWA is owned by six public agenci
Sources
- Victim siteencinajpa.com
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

