On 16 December, People’s Energy was affected by a cyber security data breach. Though no financial information from their domestic members was compromised, some of the members’ other personal information was accessed.
They discovered that an unauthorised third party had gained access to one of the systems used to store some of the members’ data. As soon as they became aware of what was happening, they acted immediately to close down the route being used to get into the system, and to stop access to any further information.
They have informed the Information Commissioner’s Office and the energy industry regulator, Ofgem.
They are confident that for domestic members, no access was gained to any financial information, and members’ bank details are safe and secure.
Certain personal details of members were accessed. This includes names, addresses, phone numbers, email addresses, dates of birth, People’s Energy account numbers, tariff details, and gas and electricity meter identification numbers.
Online People’s Energy account passwords were not accessed in the breach, and remain secure.
Details for all their members were accessed. This includes both current members and former members who’ve used them as their energy supplier in the past.