UK water company Southern Water confirmed yesterday that cyber criminals had broken into their IT systems, stealing data. In a statement, the company says “there is no evidence that our customer relationships or financial systems have been affected”, while their services are operating normally. Southern Water had previously detected suspicious activity and had opened an investigation into the matter, with cyber security experts.
The water company has informed the UK Government, regulators and the Information Commissioner's Office, and continues to investigate while following the advice of the National Cyber Security Centre (NCSC).
The attack was claimed by the Black Basta ransomware group, which said to have stolen 750 GB of data including personal data and corporate documents, according to tech publication The Register.
On the other side of the Atlantic, a cybersecurity incident affected Veolia North America, the service provider managing the water system of the city of Rahway, New Jersey, according to a statement by the City. The company is working closely with law enforcement and external cybersecurity experts to mitigate any potential threats and impact, but Veolia has not reported any evidence of leaked personal identifiable information, according to the city.
The water and wastewater industry is increasingly a target of cybercriminals. In the UK, the National Cyber Security Centre (NCSC) issued an advisory last November on the threats to critical infrastructure, including the water sector. In the U.S, the Cybersecurity and Infrastructure Security Agency (CISA) is “prioritizing the water sector in its engagements and efforts due to the significant level of cyber and physical risk associated with this sector combined with its relative lack of resources to address those risks”, and has recently released an Incident response Guide to assist owners and operators in the water sector.