Autodesk Water
Connecting Waterpeople
Autodesk Water Webinar Series - April 30th, 10h (UTC+1)

You are here

Southern Water data breach exposes vulnerability of critical infrastructure

  • Southern Water data breach exposes vulnerability of critical infrastructure

About the entity


Southern Water, one of the major British water services providers, has acknowledged a data breach affecting a portion of its customer base and staff. The breach, which occurred during a cyber attack in January, raises concerns about the security of critical infrastructure and the increasing threats posed by cybercriminals.

The company has said in a statement that between five and ten percent of Southern Water's customers have had their personal details compromised, in addition to an undisclosed number of current and former employees. While the company has not confirmed ransomware involvement, the Black Basta ransomware group claimed responsibility for the attack, according to The Register. The severity of the breach became apparent when Black Basta leaked the stolen data online, including sensitive information such as identity documents and HR files.

Southern Water has notified affected individuals and is supporting them with security advice and free enhanced Experian credit monitoring for 12 months. However, the scale of the incident is significant, considering the millions of customers the company serves.

Since the incident, Southern Water’s IT security teams have worked with independent incident response experts to check for any suspicious activity. The company is working with the UK Government, regulators and the National Cyber Security Centre throughout the whole process and has also notified the police and the Information Commissioner's Office.

“Southern Water’s operations and services to customers have not been impacted”, assured the company. However, the incident underscores the vulnerability of critical infrastructure to cyber threats and the potential for disruption to essential services. As cyber threats continue to evolve, it is imperative for critical infrastructure providers to bolster their cybersecurity defenses and enhance collaboration with authorities to mitigate risks effectively. 

Subscribe to our newsletter

Topics of interest

The data provided will be treated by iAgua Conocimiento, SL for the purpose of sending emails with updated information and occasionally on products and / or services of interest. For this we need you to check the following box to grant your consent. Remember that at any time you can exercise your rights of access, rectification and elimination of this data. You can consult all the additional and detailed information about Data Protection.

Featured news