Security News > 2024 > February > Southern Water cyberattack expected to hit hundreds of thousands of customers
UK utilities giant Southern Water admits between 5 and 10 percent of its customers have had their data stolen during a January cyberattack.
In a letter sent to customers already, seen by El Reg, Southern Water said names, dates of birth, national insurance numbers, bank account numbers, sort codes, and payment reference numbers may have been stolen.
Per the utility company's website, it provides water services to 2.5 million customers and wastewater services to more than 4.7 million customers.
"Since the incident, our IT security teams have worked with independent incident response experts, using enhanced monitoring and protection tools to check actively for any suspicious activity on our IT estate. Southern Water's operations and services to customers have not been impacted."
At the time of writing, Black Basta appears to have removed its post about Southern Water from its leak blog.
Now-shuttered Conti also semi-mistakenly claimed an attack on Thames Water in 2022, but actually breached South Staffordshire - parent company of South Staffs Water and Cambridge Water.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/02/14/southern_water_cyberattack/