From internal leaks to prevent a CEO job acquisition to an all–out cyber–attack which included a 1–million–dollar price behind it for access to their data, our country is facing yet another obstacle with this GEBE fiasco.
For a short summary, GEBE closed its doors on March 17, 2022, up until June 6, 2022, after a cyber–attack which hit about 55 servers and 168 workstations. The attack being said as self–inflicting due to the weak security GEBE possessed to protect their servers at that time. Losing most if not their entire system which includes debtor and creditor information. Proceeding closing their doors, the team at GEBE came up with how they would categorize their clients without their database.
Clients were split into 4 categories – respectively A, B, C, and D.
Category A – clients who had received their bill and were urged to pay it prior to a specific date.
Category B – clients who were in a dispute over received invoices; for them to contact customer care.
Category C – clients who did not receive a bill; for them to come in and make a payment.
Category D – clients who were not uploaded into the system due to being new or recent changes made; for them to make a payment via the bank.
It was said that GEBE collections were down to 30-40% of monthly revenues after the attack. It was also said that GEBE was also collecting nearly NAf. 550,000 a day and had depleted down to nearly NAf. 30,000 a day after the cyber–attack.
Nearing its official anniversary of the breach, there are many questions at hand in relation to the transparency of the situation.
To date, regular bills are not received, what is being done about this?
For those who are receiving bills, what is being done about the incorrect readings?
How many people will be penalized to bear the additional costs; and who will benefit from this?
Which clients were excused?
Whose accounts were wiped out?
What happens to the outstanding amounts that clients are not able to pay?
What happens to the leaks that have gone unnoticed due to the delayed billing?
On what grounds does GEBE calculate or estimate what a client owes them without having proper record in their system?
These are questions that need answering. St. Maarten operates under one sole company who is responsible for the production/distribution of electricity and water operations. How can it be that, their data base was poorly protected, and furthermore not having contingencies in place? You come to ask, is this situation fully transparent to the public, or is it another ploy against the hard-working people of St. Maarten?
Viren V. Kotai