GREAT BAY--The Association for Consumer Protection St. Maarten (ACP-SXM) has issued a detailed response to statements made by NV GEBE management during its June 19, 2026 public briefing, stating that the utility company presented what ACP-SXM describes as a selective narrative that failed to give consumers the full picture.
ACP-SXM said it conducted a thorough, evidence-based review of GEBE’s statements, comparing them to the findings of the Aurora InfoTech cybersecurity investigation report and the independent tariff evaluation conducted by the (RAC) and Bureau Telecommunicatie en Post St. Maarten (BTP SXM). Both documents were commissioned by government and are now before Parliament.
According to ACP-SXM, while some factual claims made by GEBE were accurate, the overall presentation was selective, structurally misleading and fell short of the level of public accountability owed to consumers in St. Maarten.
“ACP-SXM categorically rejects the use of a public platform, funded and supported by this community, to manage perception rather than deliver truth,” the organization stated.
Cyberattack: ACP-SXM Says GEBE Left Out Critical Information
ACP-SXM acknowledged that the basic timeline of the March 17, 2022 cyberattack, as presented by GEBE, is confirmed by the Aurora InfoTech report. This includes the attack date, the encryption of more than 55 servers and 168 workstations, the compromise of backup systems and the loss of data from March 2021 through the date of the attack.
However, ACP-SXM said GEBE failed to explain why the cyberattack succeeded and what security weaknesses were identified.
According to ACP-SXM, Aurora InfoTech documented several security failures, including the absence of patch management protocols, expired FortiGuard firewall subscriptions, no cybersecurity policies, a shared local administrator password, “GBAdmin,” used across all computers, and an unpatched Microsoft Exchange Server vulnerable to publicly known ProxyLogon and ProxyShell exploits. ACP-SXM noted that patches for these vulnerabilities had been available since 2021.
“GEBE was warned. GEBE did not act,” ACP-SXM stated.
The organization also said that after the attack, GEBE management reversed its own approval for the implementation of Multi-Factor Authentication, leaving the company’s Microsoft 365 environment unsecured even after the breach.
ACP-SXM further stated that the BlackByte ransomware group exfiltrated GEBE’s data and published it on the dark web. As of June 2022, according to the organization, 92 GEBE employee credentials were publicly exposed. ACP-SXM said GEBE has never formally disclosed this data breach to the consumers and staff whose information may have been compromised.
The organization also pointed to concerns involving GEBE’s SCADA network, which controls St. Maarten’s power generation infrastructure. ACP-SXM said the network was found to share a fiber backbone with the compromised IT network, a serious national security risk that Aurora InfoTech flagged to Dutch National Police. ACP-SXM said GEBE made no mention of this during its June 19 public briefing.
ACP-SXM said consumers have a fundamental right to know that the infrastructure delivering their electricity was compromised due to documented security failures, that their data may have been leaked and that national security risks were identified but not disclosed.
“Silence on these matters is not neutrality. It is a violation of the public trust that a monopoly utility must uphold,” ACP-SXM stated.
Fuel Clause: ACP-SXM Points to Reported USD 6.9 Million Surplus
ACP-SXM said the most serious omission from GEBE’s June 19 public briefing involved the fuel clause.
According to ACP-SXM, the RAC/BTP tariff evaluation, commissioned by GEBE’s shareholder government and submitted to Parliament, documents in Table 4 that between March 2022 and December 2024, GEBE collected approximately USD 6.9 million, or approximately XCG 12.6 million, more from consumers through the fuel clause than it actually spent on fuel costs.
ACP-SXM said that while GEBE described the fuel clause formula and implied it was functioning properly, management made no mention of the reported USD 6.9 million surplus.
“This is not an oversight. It is a material omission that directly harms consumers,” ACP-SXM stated.
The organization also said the RAC report identified three structural flaws in the fuel clause formula that GEBE presented as sound methodology.
First, ACP-SXM said the Seven Seas deduction violates cost causality. According to the organization, GEBE deducts electricity supplied to Seven Seas Water Company from total production before calculating the fuel clause. ACP-SXM said this shifts the fuel costs of water production onto ordinary electricity consumers instead of water tariffs. The organization said the RAC report, in Section 5.2 and Recommendation 7, explicitly identifies this as a structural flaw.
Second, ACP-SXM said the fixed 8.5 percent Non-Revenue Electricity rate is improperly applied. The organization said the RAC report, in Section 5.4, found that this should be calculated dynamically each billing period based on actual production and sales. ACP-SXM said a fixed rate ignores real-time variability and may lead to growing inefficiencies.
Third, ACP-SXM said the current formula contains no correction mechanism to reconcile monthly surpluses and deficits against consumers. According to ACP-SXM, when consumers overpay, there is no adjustment or refund process and no recourse within the current system.
ACP-SXM said a monopoly utility that collects USD 6.9 million more than it spends on fuel and then appears before the public without disclosing that finding, while also presenting its formula as sound, is acting in a manner incompatible with consumer protection principles, transparency and the obligations of a public utility operating under a government concession.
Financial Claims Called Unaudited and Unverified
ACP-SXM also challenged financial figures presented by GEBE management during the June 19 briefing, including USD 14.2 million in monthly fuel and water costs, USD 26.4 million in potential monthly revenue and collection rate data.
According to ACP-SXM, those figures come exclusively from GEBE’s own internal, unaudited data.
ACP-SXM said the RAC report explicitly noted that GEBE’s annual accounts were requested during the tariff evaluation but were never provided. The organization further stated that all data used in the evaluation had not been audited by an independent accountant.
ACP-SXM said GEBE’s base electricity rate of XCG 0.25 per kWh has remained unchanged since 2011, but GEBE’s claim that this rate is insufficient to cover costs has not been substantiated by independently audited financial data.
“Presenting unverified internal figures at a public briefing is not the standard consumers deserve from a public monopoly utility,” ACP-SXM stated.
ACP-SXM Says Public Was Owed More
ACP-SXM said consumers in St. Maarten were owed a full and transparent explanation but did not receive it on June 19.
The organization said GEBE should have acknowledged that the 2022 cyberattack succeeded because of specific, documented security failures within management’s control, instead of only describing what the attack caused.
ACP-SXM said GEBE also should have publicly disclosed the data exfiltration and dark web publication of GEBE credentials, including whether customers and employees were ever notified.
The organization further stated that GEBE should have directly addressed the reported USD 6.9 million fuel clause surplus documented by the RAC/BTP report and provided a clear accounting of where those consumer funds went.
ACP-SXM also said GEBE should have honestly presented the structural flaws in the fuel clause formula found by the independent RAC evaluation, rather than describing the formula as if it had been validated and was sound.
In addition, ACP-SXM said GEBE should have committed to independent financial auditing with a specific timeline, which the organization said the RAC report identified as a prerequisite before any tariff figures can be trusted.
ACP-SXM also called for a concrete plan to implement the RAC/BTP report’s thirteen recommendations, including fuel clause correction mechanisms and tariff-setting regularization under BTP SXM regulatory oversight.
ACP-SXM: This Is a Consumer Rights Matter
ACP-SXM said the issues identified in its assessment are not merely administrative. The organization described them as direct and documented violations of the rights of every electricity and water consumer in St. Maarten.
The organization said consumers have a right to honest information, including the right to know that the fuel clause formula has been independently assessed as structurally flawed and that it reportedly generated a USD 6.9 million surplus over three years.
ACP-SXM also said consumers have a right to fair pricing. The organization argued that if water production costs are being shifted onto electricity consumers through improper cost allocation, then electricity consumers are being charged for costs they do not owe.
On data security, ACP-SXM said consumers and employees whose data was exfiltrated and published on the dark web in 2022 have never been properly informed. The organization said that, four years later, this remains an unaddressed breach of trust.
ACP-SXM also said consumers have a right to regulatory protection. The organization said the RAC report found that GEBE has operated as its own regulator, setting tariffs without independent verification or ministerial oversight for years. ACP-SXM said it exists to fill the void that has left consumers unprotected.
The organization also highlighted the right to redress, stating that without a correction mechanism in the fuel clause formula, consumers have no pathway to recover overpaid charges. ACP-SXM called for this to be rectified immediately through regulatory intervention.
ACP-SXM Calls for Transparency From GEBE and Government
ACP-SXM said every household and business receiving an electricity bill in St. Maarten is affected by these issues.
“The USD 6.9 million collected beyond actual fuel costs did not come from an account. It came from the wallets of St. Maarten’s consumers, many of whom are already struggling with the cost of living,” the organization stated.
ACP-SXM said it will not allow the matter to be normalized, minimized or buried beneath what it described as a managed public narrative.
The organization said it was founded to give consumers in St. Maarten a structured, evidence-based and legally grounded voice in matters that affect their daily lives and rights.
“We are not opposed to NV GEBE as an institution. We are opposed to the absence of accountability, transparency and consumer protection that its current conduct represents,” ACP-SXM stated.
The organization called on GEBE management and its shareholder government to choose a path of genuine transparency before legal and regulatory consequences deepen.
“The consumers of St. Maarten are watching. ACP-SXM is documenting. And the record will speak,” the organization concluded.
Join Our Community Today
Subscribe to our mailing list to be the first to receive
breaking news, updates, and more.
