Itron reports cyberattack impacting critical infrastructure systems

Itron, a U.S.-based provider of energy and utility technology, has confirmed that it experienced a cyberattack in mid-April, during which unauthorised actors gained access to parts of its systems.

In a filing submitted to the U.S. Securities and Exchange Commission late Friday, the company stated that it had been alerted to an intruder in its network. While Itron did not disclose who initially identified the breach, it reported that it has since removed the attackers and has not observed any further unauthorised access to its internal systems.

The company has not specified the nature of the attack, leaving unclear whether it involved ransomware or if any direct communication occurred between the attackers and the company. It also remains uncertain what operational or technical impact the incident may have had on Itron’s systems.

Itron indicated that it did not detect unauthorised activity within the “customer-hosted portion of its systems,” suggesting the incident may have been confined to its internal IT infrastructure rather than directly affecting customer environments. The company confirmed that it has notified law enforcement authorities about the incident.

Headquartered in Liberty Lake, Itron develops technologies for managing energy consumption across water, gas, and electricity networks. Its products include internet-connected utility meters deployed in more than 110 million homes and businesses worldwide. The company serves thousands of customers, including municipalities and utilities, and operates in over 100 countries.

Following the breach, Itron activated its contingency measures and relied on data backups to maintain operations. The company stated that its services have continued “in all material respects,” though it cautioned that additional legal disclosures and regulatory notifications may be required. This suggests the incident may involve a data breach that could trigger further reporting obligations under applicable laws.

The company has not publicly identified any individual or team responsible for overseeing cybersecurity within its organisation.