Ransomware victim disclosure
← All victimsSERCIDE
Claimed by ALPHV/BlackCat · listed 2 years ago
Status timeline
- ListedFeb 12, 2024
- Data leakeddate unknown
At a glance
- Group
- ALPHV/BlackCat
- Status
- Data leaked
- Country
- Spain
- Sector
- Energy
- Listed on leak site
- Feb 12, 2024
About the victim
AI dossier — public-source company profileSercide is a Spanish technology company that provides software and integrated services to electrical energy distributors and commercial operators. They serve over 180 distribution companies across Spain with tools including GIS systems, MDM (meter data management), and regulatory compliance platforms for billing and network access management.
- Industry
- Electrical Energy Distribution Software & Services
Attack summary
Severity: high — Confirmed data exfiltration from a critical infrastructure software provider serving 180+ electrical distribution companies across Spain. Potential access to sensitive grid infrastructure, customer lists, and regulatory data affecting essential services.ALPHV/BlackCat claims to have compromised Sercide and exfiltrated data. The group references CIDE (Association of Electrical Energy Distributors) context, suggesting access to customer or operational data related to Spain's electrical distribution network.
Data the group says was taken
AI dossier — extracted from the leak post- Customer/client data
- Electrical distribution network information
- System configuration or operational data
What the group claims
CIDE has representation in around 600 municipalities distributed throughout Spain, 75% of them with a population of less than 5,000 inhabitants. CIDE - Association of Electrical Energy Distributors.
Sources
- Victim sitesercide.com
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

