January 23, 2024 at 06:57AM
Southern Water suffered a cyberattack leading to data theft, including personal information of customers and employees. The Black Basta ransomware group claimed responsibility, threatening to expose more data if a ransom isn’t paid. The UK government, regulators, and the Information Commissioner’s Office have been informed. The water industry faces increasing cyber threats, with the UK National Cyber Security Centre issuing an advisory.
The meeting notes indicate that Southern Water had a cyberattack resulting in the theft of a “limited amount of data” by the Black Basta ransomware group. The stolen data includes scans of identity documents, HR-related documents, and corporate car-leasing documents. Southern Water stated that they were aware of the data theft claim, and have reported the incident to the UK government, regulators, and the Information Commissioner’s Office (ICO).
It is concerning that the stolen data includes personal information of both Southern Water employees and customers. Additionally, there is a threat from the Black Basta group to expose more data if a ransom is not paid.
The water and wastewater industry has increasingly become a target for cybercriminals, prompting the US Cybersecurity and Infrastructure Security Agency (CISA) to prioritize engagement with the sector.
Furthermore, there have been past attacks on water organizations, including a 2023 attack on a Pennsylvania water authority by Iranian attackers. The UK National Cyber Security Centre (NCSC) has highlighted the threat to critical infrastructure, including water organizations.
In summary, the cyberattack on Southern Water has exposed sensitive data, raising concerns about the security of the water and wastewater industry and the potential for further attacks.