UK’s Southern Water notifies customers and employees of data breach

Southern Water has verified that a recent ransomware attack resulted in unauthorized access to personal data belonging to both customers and employees. The UK water supplier intends to inform 5-10% of its customer base, comprising an estimated 230,000 to 460,000 individuals out of the 4.6 million customers in Southern England. Additionally, the company will notify current and select former employees about the potential compromise of their personal information, as announced on February 13th 2024.

The notifications will include guidance and recommendations to affected parties regarding the potential risks and preventive measures. Recipients will be advised on the possible threats such as phishing attacks and identity theft that may arise from the misuse of the stolen data by malicious actors.

Southern initially disclosed a data breach on January 23rd 2024, attributing the incident to the Black Basta ransomware group. The company acknowledged the release of “a limited amount of data” but emphasized that its operations and customer services remained unaffected.

After conducting an investigation with technical experts, Southern revealed that data from a restricted section of its server infrastructure was pilfered during the cyberattack. As of now, there is no new evidence indicating the publication of the stolen data online. Southern has enlisted the services of independent cybersecurity professionals to actively monitor the dark web, ensuring swift detection of any signs of data leakage.

The company asserted that these monitoring efforts will persist for as long as deemed necessary. Southern continues its collaboration with governmental bodies, regulatory authorities, law enforcement agencies, and incident response specialists to thoroughly probe the incident and identify any additional suspicious activities within its IT infrastructure.