Early on Thursday, 25 July 2019 City Power Johannesburg started experiencing some IT system issues that also resulted with its website displaying a HTTP 403 error. It later turned out that the power utility was apparently the victim of a ransomware attack that had denied it access to most of its systems.

For most of Thursday City Power had been quite on the details of the ransomware and recovery progress. However, later on Thursday afternoon it released a statement saying that "most of the IT applications and networks that were affected by the cyber attack have been cleaned up and restored."

You can read the full statement below.

Progress made following cyber attack on City Power IT system

City Power has been working to deal with a hit by a virus which has led to a black out to it's IT systems.

So far most of the IT applications and networks that were affected by the cyber attack have been cleaned up and restored.

These include the pre-paid vending system, which means that most customers will be able to access vending and buy electricity.

However work is still continuing on some systems and applications that were affected including the uploading of invoices by our suppliers, and logging faults by customers on the website. This will also affected our response time to logged calls as some of internal systems to dispatch and order material have been slowed by the impact.

The virus hit early Thursday morning compromising our database and other software's, impacting most of our applications and networks.

Among the temporary measures and alternatives City Power has created for customers include:

+ Fault logging - customers may not be able to use the website, as such they are requested to log calls on their cellphones using www.citypower.mobi;

+ Submitting Invoices - Suppliers seeking to submit invoices for payments should rather bring their invoices physically to City Power offices in Booysens;

+ New service connections were not affected by the cyber attack.

City Power cyber security is currently investigating the cause of this attack. Ransomware virus is known globally to be operated by syndicates seeking to solicit monies. We want to assure residents of Johannesburg that City Power systems were able to proactively intercept this and managed to deal with it quicker.

Customers should also not panic as none of their details were compromised.

We apologise for the inconvenience this has caused to the people of the City of Johannesburg.


If everything goes well we should have everything back by the end of Thursday.

Share this article via: