Update – 10 March 2025
WiFi-Connected Meters – Ongoing Work to Restore Services
We are making steady progress in patching together the backend systems required to support WiFi-connected meters. This part of the system was heavily reliant on services that were destroyed in the cyber attack, and we are having to rebuild much of it from scratch.
In the meantime, customers with WiFi-connected meters will continue to see errors in the app, as the backend services they depend on are still unavailable. We’re aiming to have functionality restored by the end of the month and sincerely appreciate your continued patience.
If you’d prefer not to wait, please contact us at support@decmetrics.co.uk to explore alternative options—such as upgrading to a 4G LTE-M module, which does not rely on WiFi and can be upgraded in situ.
Thank you again for bearing with us while we work through this rebuild.
Update – 30 March 2025
The Openmetrics site remains offline following the attack on 18 March. However, we have successfully recovered the primary database with minimal data loss, thanks to a recent backup taken moments before deletion. Unfortunately, the Openmetrics application itself is unlikely to be recovered, though we are actively exploring redeployment options.
Customers with WiFi-connected meters are still unable to access their data. Our developer is working to rebuild the data collection service and supporting APIs to restore this functionality. We sincerely apologise for the ongoing disruption.
Backend data services for our larger solar asset managers are already functioning or will be fully operational very shortly. For smaller customers who relied on the Openmetrics front-end, we are offering migration support—please reach out to dominic@decmetrics.co.uk or support@openmetrics.co.uk to discuss options.
Thank you again for your continued patience.
Service Update 18 March 2025
Openmetrics Cyber Attack
We regret to inform you that all Openmetrics services are currently unavailable until further notice due to a targeted cyber attack which started at 12:50 on 18 March 2025. The attacker successfully breached our security measures, including two-factor authentication, and issued a destructive command that deleted our Openmetrics application and database.
We are actively collaborating with our hosting provider, Heroku, to restore services. Unfortunately, the database backups maintained by Heroku were also impacted. However, Heroku is assisting us in recovering the most recent possible data. Given the extent of the damage, the restoration process could take weeks, if at all.
We remain deeply concerned about how the attacker bypassed security protocols to execute this command, particularly given our longstanding secure operation with Heroku since 2012. Heroku has yet to provide a satisfactory explanation regarding the absence of alerts or additional security checks prior to the destruction of our account.
Please note that the meter data collection service is unaffected, and readings continue to be securely stored independently. These readings will be synchronized with the primary database once services are restored. However, users of WiFi, and single and three-phase GPRS meters are currently unable to retrieve their data at this stage.
Thank you for your patience and understanding during this challenging period. We will provide further updates as soon as they become available.
Best Regards,
Dominic Clegg,
Director
DEC Metrics Ltd