Qilin purports breach of US electric cooperative

Tennessee Valley Electric Cooperative, which caters to West Tennessee's Wayne and Hardin Counties, had its systems claimed to have been breached by the Qilin ransomware operation, according to Cybernews.

"Qilin did not post any samples in their blog, so it is not clear what data they allegedly have," reported Cybernews researchers. Moreover, TVEC which is part of the Tennessee Valley Authority, a federally owned electric utility that serves the larger Tennessee Valley region has yet to acknowledge the incident. Attackers may have stolen organizational data, such as employee information, customer information, or internal documents, based on past attacks.

The gang has previously targeted other U.S. electric cooperatives. In 2025, it allegedly attacked Karnes Electric Cooperative, which serves approximately 23,000 households, and San Bernard Electric Cooperative, which serves roughly 28,000 households. Qilin also claimed it stole 222 GB of data from Spark Power, a Canada-based electrical services company that operates in the U.S.