A ransomware infection at an electricity provider in the city of Johannesburg, South Africa's biggest city and financial capital, has left some of its residents without power.

The ransomware infection impacted City Power -- a provider of pre-paid electric power for Johannesburg residents and local companies.

The malware encrypted the company's database, internal network, web apps, and official website.

City Power admitted to getting infected in a series of tweets the company posted on its official Twitter account.

The virus has affected our customers' ability to vend, that is buying electricity, upload invoices, or access our website.

It may also affect our response to some outages as the system to order and dispatch material is affected. @CityofJoburgZA — @CityPowerJhb (@CityPowerJhb) July 25, 2019

The infection, which took root yesterday, is now preventing customers from buying electrical power units, or feeding (selling) electrical power back into the grid, which some residents are producing from solar panels.

Business Insider South Africa is reporting that today, July 25, is also a standard payday for many South Africans, and usually a day when many use their salaries to pay for new electricity packages for the upcoming month.

On Twitter, there have been quite a few Power City customers who complained over the last 12 hours about blackouts at their homes and across the city, and not being able to buy new electricity.

@CityPowerJhb new ref number for Central Park complex Oakdene Parks drive ref CPWEB2505517 previous ref cancelled stating mv restored power on it isn’t on pic below pic.twitter.com/MSzAtG5N3c — Lauren Mayer (@Foxistar) July 25, 2019

@CityPowerJhb please an update???? This is getting ridiculous. We have exotic fish in a fish tank that need their air filter on!! — Haley (@BellaNymph) July 25, 2019

Like since after 9pm last night till now we don't have power😭☹️💔 — Jamal Al-Fayeed (@uManqobaM) July 25, 2019

City Power is owned by the City of Johannesburg. The company also said the ransomware has made it more difficult to respond to outages at the same speeds as in the past, due to a lack of access to internal applications.

The company said it was increasing the number of support teams it was keeping on standby, in case of an emergency.

City Power didn't disclose the name of the ransomware that impacted its systems.

Cities increasingly targeted by ransomware gangs



The city of Johannesburg is not the first municipality to have its network infected by ransomware, although it is one of the luckiest.

Some cities have paid huge ransom demands to get access back to city files they hadn't secured via backups -- such as Riviera Beach City, Florida ($600,000); Lake City, Florida ($500,000); and Jackson County, Georgia ($400,000).

Cities in Atlanta and Baltimore have gone through large-scale ransomware infections that have crippled a wide array of city services, and the city ended up paying tens of millions of US dollars when rebuilding their IT networks.

Johannesburg can count its lucky stars that crooks didn't breach its main IT network. All in all, city networks, or city-connected services like City Power, have been increasingly targeted by ransomware gangs in recent months.

Related malware and cybercrime coverage: