BleepingComputer has written an article covering a ransomware attack on Empresas Públicas de Medellín (EPM), a Colombian energy, water, and gas utility. According to reports, employees were told to work from home and public facing websites were unavailable, including payment portals, after EPM was targeted by BlackCat ransomware. While the company has not released many details, independent security researchers have found an unsecured server utilized by the threat actor behind the attack where it appears data on over 40 EPM machines was uploaded before being encrypted. Read more at BleepingComputer here.