Southern Water reports major data breach impacting hundreds of thousands


Southern Water, a leading water utility company in the South East of England, has announced a significant data breach, potentially impacting between 235,000 and 470,000 of its customers. The breach, which occurred in January, saw hackers accessing sensitive customer information during a cyberattack.

The company, serving millions across the region, disclosed that “5 to 10 percent” of its customer base might have had their personal data compromised. This estimate, based on ongoing forensic investigations, leaves room for the possibility that the number of affected individuals could rise.

Details of the stolen data, as reported by BBC News, include customers’ dates of birth, national insurance numbers, bank account details, and reference numbers. Southern Water has yet to confirm the specifics of the compromised information.

In addition to customer data, Southern Water revealed plans to inform all current and some former employees about the breach. The utility firm, employing around 6,000 individuals, is still investigating the full extent of the incident.

The cyberattack was claimed by the Black Basta ransomware group, known for its links to Russia and previous attacks on major organizations like the U.K. outsourcing giant Capita. Shortly after the attack, Black Basta listed Southern Water on its dark web leak site, threatening to release 750 gigabytes of sensitive corporate and customer data unless a ransom was paid. The leak site’s listing included screenshots of stolen documents, such as employee passports and identity cards.

As of now, Southern Water’s name has been removed from Black Basta’s website, a move often seen after victim companies comply with ransom demands. However, Southern Water has not disclosed whether it paid any ransom.

According to JP, in response to the breach, Southern Water stated it is collaborating with cybersecurity experts to monitor the dark web for any signs of the stolen data being published. So far, the company reports no evidence of the compromised data appearing online.

The incident has been reported to the U.K.’s Information Commissioner’s Office, as Southern Water continues to assess the breach’s impact and work on bolstering its cybersecurity measures to prevent future attacks.

Maxwell Nelson

Freelance Journalist

Maxwell Nelson, a seasoned crypto journalist and content strategist, has notably contributed to industry-leading platforms such as Cointelegraph, OKX Insights, and Decrypt, weaving complex crypto narratives into insightful articles that resonate with a broad readership.

Las Vegas News Magazine

Leave A Reply

Your email address will not be published.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More