Duke Energy fined $10 million for cybersecurity failures on grid

Duke Energy fined $10 million for cybersecurity failures on grid

CHARLOTTE, N.C. — The North American Electric Reliability Corp. has imposed a $10 million fine — its largest ever­ for cybersecurity violations — on an unnamed power company identified in news reports as Duke Energy Corp.

The corporation lists close to 130 violations against the unnamed company and its regional entities in the public version of a report sent to the Federal Energy Regulatory Commission on Jan. 25. It says that, “although the risk posed ... by the violations ranged from minimal to serious, ... the 127 violations collectively posed a serious risk to the security and reliability” of the power system.

Content Continues Below

The risk was increased, it says, because “many of the violations involved long durations, multiple instances of noncompliance, and repeated failures to implement physical and cybersecurity precautions.”

The violations took place from 2015 to 2018, it says.

Read the full story here.