Volue ASA

Legal Proceedings Report • May 13, 2021

Update II on cyber-attack on Volue

Update II on cyber-attack on Volue

(Oslo, 13 May 2021) Volue ASA (Volue, OSE:VOLUE) announces that software solutions applications to over 95% of the customers affected by the 5 May 2021 cyber-attack have been deemed safe. The extraordinary financial impacts from the cyber-attack are still uncertain and Volue will continue to provide updates.

“Our cyber task force team has worked 24/7 with relevant partners and authorities since the cyber-attack last Tuesday. We immediately initiated operation Stop & Recover and we have announced that over 95 percent of the customers have been deemed safe and that Volue’s normal operations soon will resume. I will thank our customers and our stakeholders for their understanding and co-operations, and the entire Volue team for their dedication in the efforts to ensure safe operations for our customers,“ says Trond Straume, chief executive officer of Volue.

Reference is made to the press release 5 May 2021 regarding the cyber-attack on Volue, impacting operations in some of the company’s business areas. Mitigating actions were immediately implemented and the company has hosted public updates and webinars every morning. Visit volue.com/urgent-updates for the full records on the cyber-attack.

“We have deployed all relevant resources to manage the situation and immediately decided to share detailed information during and after the attack. Volue has received tremendous support from our customers and positive feedback from the cyber experts and our position as a leading provider of safe operations is verified as battle proven. We have continually updated our customers that their applications are deemed safe and will keep sharing information with our customers” Straume says.

During the time following the cyber-attack, substantial efforts have been invested into restoring and safeguarding internal systems, networks and equipment. This has enabled rapid operational recovery to ensure customer deliveries, services and support can be delivered safely, with high quality and security. As Volue is a leading provider of systems and services to critical infrastructure, a trustworthy delivery is of utmost importance.

The cyber-attack has impacted Volue Technology’s (“Powel”) operations teams. Volue cannot see any impacts by the breach for Insight (“Wattsight”), Market Services (“Markedskraft”), Industrial IoT (“Scanmatic”) and Likron.

“The financial impacts from the cyber-attack are still uncertain, but we will continue to provide updates and expects to report the full extraordinary financial effects when presenting the second quarter 2021 financial results, or sooner,“ Straume concludes.

Information on the cyber-attack will be continuously updated on

volue.com/urgent-updates.

For additional information, please contact:

Trond Straume, chief executive officer, Volue +47 907 99 625

Arnstein Kjesbu, chief financial officer, Volue +47 970 47 699