Security News > 2022 > August > Ransomware attack on UK water company clouded by confusion

A water company in the drought-hit UK was recently compromised by a ransomware gang, though initially it was unclear exactly which water company was the victim.
Clop, a prolific Russian-speaking gang known for extorting industrial organizations, claimed on its website that it had broken into and stolen data from Thames Water - which supplies water to about 15 million people, including those in the capital, London.
It had attacked South Staffordshire in the Midlands, the parent company of South Staffs Water - which has 1.6 million customers - and Cambridge Water.
Thames Water issued a brief statement to customers disputing what it called a "Cyber hoax," noting media reports that the company was under attack.
South Staffordshire issued its own statement, saying that the cyberattack hadn't affected its water operations and that both South Staffs and Cambridge were supplying water to all customers.
Though it might be embarrassing to the ransomware gang to misidentify its victim, the fact that it was targeting a water company "Is quite harrowing," he said.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/08/18/clop_ransomware_uk_water/
Related news
- Cyber Attack Severity Rating System Established in UK (source)
- US indicts 8Base ransomware operators for Phobos encryption attacks (source)
- RA World Ransomware Attack in South Asia Links to Chinese Espionage Toolset (source)
- Chinese espionage tools deployed in RA World ransomware attack (source)
- Lee Enterprises newspaper disruptions caused by ransomware attack (source)
- Medusa ransomware gang demands $2M from UK private health services provider (source)
- Southern Water says Black Basta ransomware attack cost £4.5M in expenses (source)
- Qilin ransomware claims attack at Lee Enterprises, leaks stolen data (source)
- Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)