United Group confirms that on Monday, 22 September, one of its subsidiaries in Bulgaria – Mainstream Bulgaria – was targeted by a malicious cyberattack carried out by external malefactors.

Thanks to swift action supported by leading cybersecurity specialists, the incident has been largely contained. An investigation is underway, and the relevant stakeholders have been notified in line with compliance obligations.

As a result of this attack, some of Vivacom’s business clients may be experiencing temporary technical difficulties with certain services. Restoring full functionality remains the highest priority for both Vivacom and Mainstream Bulgaria. Importantly, Vivacom’s core services – mobile and fixed connectivity – remain fully operational and unaffected.

United Group strongly condemns these criminal acts, which are designed to disrupt businesses and inconvenience consumers for financial gain. Cyberattacks are an unfortunate reality for companies worldwide, and United Group continues to prioritize investment in the security and resilience of its networks across all markets in which it operates. We are undertaking a thorough review of systems across the Group to identify any further vulnerabilities and reduce the risk of further incidents.

We regret the disruption caused by this incident and thank our customers and partners for their understanding as remediation continues. United Group remains fully committed to transparent communication and will provide further updates as appropriate.