Ransomware victim disclosure
← All victimsSERCIDE
Claimed by ALPHV/BlackCat · listed 2 years ago
Status timeline
- ListedFeb 12, 2024
- Data leakeddate unknown
At a glance
- Group
- ALPHV/BlackCat
- Status
- Data leaked
- Country
- Spain
- Sector
- Energy
- Listed on leak site
- Feb 12, 2024
About the victim
AI dossier — public-source company profileSercide is a Spanish technology company providing advanced software and integrated services to electrical distributors and energy companies across Spain. It serves over 180 distributors with solutions for grid management (GIS), meter data management (MDM), billing, and regulatory compliance.
- Industry
- Energy Distribution Software & Services
Attack summary
Severity: high — Confirmed data exfiltration from a critical energy sector company providing infrastructure management services to 180+ distributors across 600 Spanish municipalities. Access to such systems poses operational risk to electrical distribution networks.ALPHV claims to have exfiltrated data from Sercide. The group references the company's role as an association representing around 600 municipalities' electrical distribution interests, suggesting access to critical infrastructure coordination data.
Data the group says was taken
AI dossier — extracted from the leak post- company operational data
- potentially client/distributor information
- electrical infrastructure records
What the group claims
CIDE has representation in around 600 municipalities distributed throughout Spain, 75% of them with a population of less than 5,000 inhabitants. CIDE - Association of Electrical Energy Distributors.
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

