Southern Water has confirmed that personal data of both customers and employees has been accessed in a recent ransomware attack.
The UK water supplier revealed that it plans to notify 5-10% of its customer base to inform them that their personal data has been impacted. With the firm serving around 4.6 million customers in Southern England, this could equate to between 230,000 and 460,000 individuals.
In addition, all current employees and some former employees will be notified that their personal data may have been accessed, the company said in a post on February 13, 2024.
These notifications will offer advice and guidance on the potential risks to those affected, and precautionary steps on how to mitigate them. This is likely to warn of the potential threat of phishing attacks and identity theft that may occur if the stolen data is used by threat actors.
Data Leaked by Black Basta
Southern first revealed it had suffered a data breach on January 23. This followed the apparent leak of personal data held by the firm by the Black Basta ransomware group.
The utilities firm confirmed at the time that “a limited amount of data has been published.”
However, the firm’s operations and services to customers were not impacted.
Following an investigation with expert technical advisors, Southern said that data from a limited part of its server estate was stolen in the attack.
There is currently no new evidence of the stolen data being published online. Southern has engaged independent cybersecurity experts to continue monitoring the dark web for signs that the information has been leaked.
“They will continue to carry out their checks for as long as is necessary,” the company stated.
Southern added that it is continuing to work with the government, regulators, law enforcement and incident response experts to investigate the incident and uncover any additional suspicious activity on its IT estate.
Javvad Malik, Lead Security Awareness Advocate at KnowBe4, praised Southern’s transparency and adherence to incident response best practices.
“While Southern Water’s prompt acknowledgment of the breach and their engagement with cybersecurity experts to monitor potential data leaks is commendable, it highlights the persistent threat that cybercriminals pose to organizations, particularly ones in critical infrastructure,” he noted.
Southern Informs Impacted Customers
Several Southern customers contacted the firm on X (formerly Twitter) to check the validity of emails they received from the firm confirming their data was affected.
The screenshotted emails said the data accessed may include customers’ basic personal details for administering accounts and identifying them.
The company also appeared to offer impacted customers free identity and credit checks. Southern confirmed these emails were legitimate.
Hello there, it’s a legit email. Southern Water experienced a cyber incident which resulted in unauthorised access to its IT systems. As soon as this was discovered, Southern Water took steps to isolate the threat and heighten its security to protect its data and systems.
— Southern Water (@SouthernWater) February 13, 2024
Rebecca Moody, Head of Data Research at Comparitech, told Infosecurity that Southern Water’s estimate that 5-10% of its customer base had been impacted by the attack would make it one of the largest data breaches on a utilities company globally since 2018.
It will join Australia’s Optus, which was hit in September 2022 and affected 9.8 million customers. Satellite television company Dish Network was targeted in February 2023 and the data breach affected nearly 297,000 customers.
Chris Hauk, Consumer Privacy Advocate at Pixel Privacy, said that all customers and current and former employees should act under the assumption that their data has been accessed, and stay alert for targeted phishing attempts using the personal information.
“Customers and employees should take advantage of any credit monitoring offered by Southern Water and should also be sure to keep a close watch on all of their accounts, while also being alert for any newly opened accounts,” he advised.