Southern Water, one of the major British water services providers, has acknowledged a data breach affecting a portion of its customer base and staff. The breach, which occurred during a cyber attack in January, raises concerns about the security of critical infrastructure and the increasing threats posed by cybercriminals.
The company has said in a statement that between five and ten percent of Southern Water's customers have had their personal details compromised, in addition to an undisclosed number of current and former employees. While the company has not confirmed ransomware involvement, the Black Basta ransomware group claimed responsibility for the attack, according to The Register. The severity of the breach became apparent when Black Basta leaked the stolen data online, including sensitive information such as identity documents and HR files.
Southern Water has notified affected individuals and is supporting them with security advice and free enhanced Experian credit monitoring for 12 months. However, the scale of the incident is significant, considering the millions of customers the company serves.
Since the incident, Southern Water’s IT security teams have worked with independent incident response experts to check for any suspicious activity. The company is working with the UK Government, regulators and the National Cyber Security Centre throughout the whole process and has also notified the police and the Information Commissioner's Office.
“Southern Water’s operations and services to customers have not been impacted”, assured the company. However, the incident underscores the vulnerability of critical infrastructure to cyber threats and the potential for disruption to essential services. As cyber threats continue to evolve, it is imperative for critical infrastructure providers to bolster their cybersecurity defenses and enhance collaboration with authorities to mitigate risks effectively.
