A ransomware attack that occurred on Christmas Eve struck the Scottish Environment Protection Agency (SEPA). The agency revealed that its contact center, internal systems, processes and internal communications were all affected because of the attack. Due to damages, email systems, internal systems along with some data products are all down and with no clear recovery timetable. Fortunately, SEPA reassured the people of Scotland that their priority regulatory, monitoring, flood forecasting, and warning services were all still intact. All the proper authorities have been brought together to investigate how the ransomware made its way onto SEPA’s systems. No attacker has yet to be officially named by SEPA, but the Conti ransomware group has released what they say is seven percent of the data that they exfiltrated from the agency on their leak site. In total, it’s likely more than 4,000 files were taken. Some of the data that was stolen includes information about business operations, procurement, projects, and staff.