February 14, 2024 at 07:41AM
Southern Water confirms data breach affecting 5-10% of customers and undisclosed staff members due to January cyberattack. Black Basta ransomware group claimed responsibility. Data, including personal and financial details, was leaked online. Customers being notified and offered Experian Identity Plus membership. No evidence of further data publication found. Critical infrastructure increasingly targeted by ransomware groups.
From the meeting notes, it is clear that Southern Water has experienced a significant data breach due to a cyberattack. The breach has impacted both customers and employees, with sensitive personal data such as names, dates of birth, national insurance numbers, bank account numbers, and payment reference numbers potentially stolen. The company has acknowledged that between 5% and 10% of its customers may have had their data compromised.
Southern Water has taken steps to notify affected individuals and is offering free 12-month Experian Identity Plus membership for credit monitoring. The company has also sought external assistance for investigation and has been in communication with government authorities, regulators, and cybersecurity agencies. It has assured that its operations and services to customers have not been impacted.
The cyberattack has been attributed to the Black Basta ransomware group, although Southern Water has not confirmed the involvement of ransomware. The situation has raised concerns about the security of critical infrastructure, particularly in the water and wastewater sectors, and the potential for severe disruption caused by such attacks.
Despite efforts by external actors to further publish the stolen data online, Southern Water’s latest statement indicates that third-party investigators found no new evidence of such activity. However, the situation remains dynamic, and the company has committed to providing further updates on its website and social media channels.
The notes also mention the involvement of national cybersecurity agencies in addressing the ongoing threat to critical organizations, with specific examples of cyberattacks targeting water authorities. Additionally, there is a reference to ransom payment implications and the importance of enhancing cybersecurity measures in response to such incidents.
Overall, the meeting notes reveal a serious and complex cybersecurity incident that has impacted a large number of individuals and raised concerns about the security of critical infrastructure. Southern Water is actively working to address the breach, mitigate its impact, and keep stakeholders informed.