Itron, a major provider of water and energy monitoring systems serving hundreds of millions of homes and businesses globally, disclosed it was hacked. The breach affects a company deeply embedded in critical infrastructure across multiple countries.
Itron announced the security incident affecting its systems and customer data. The company supplies smart meters, software, and analytics platforms to utility companies worldwide, making the breach potentially significant for critical infrastructure security.
As a leading provider of Internet of Things (IoT) solutions for utilities, Itron's customers include water, gas, and electric companies in North America, Europe, and Asia-Pacific regions. The company's technology helps manage consumption data for hundreds of millions of endpoints globally.
The company has not yet disclosed full details regarding the scope of the breach, including what data was accessed or how many customers were affected. An investigation into the incident is underway.
This breach raises concerns about the security of critical infrastructure systems. Utility companies depend on Itron's platforms for managing essential services that millions of people rely on daily. Any compromise of these systems could potentially impact operations across water, gas, and electricity distribution networks.
Itron has begun notifying affected customers and has engaged cybersecurity experts to investigate the extent of the intrusion. The company is coordinating with relevant authorities on the matter.
The incident highlights ongoing vulnerabilities in critical infrastructure technology. Utility companies and government agencies face increasing pressure to secure networked systems managing essential services. Breaches at major vendors can create cascading risks across entire industries that depend on their platforms.
Itron has advised customers to monitor their accounts and systems for suspicious activity. The company said it is implementing additional security measures and will provide updates as the investigation progresses.
U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.
Tailscale disclosed a critical vulnerability in its SSH implementation that allowed attackers to gain root access through insecure argument handling. The flaw has been patched in recent versions.
A new study found that social media platforms referred over 5.7 million visits to nonconsensual deepfake pornography sites between December 2025 and March 2026, with YouTube and X accounting for the majority of traffic.