Southern Water customers to be warned of data breach
UP TO half a million Southern Water customers are to be warned that their data may have been stolen as part of a Russian-linked cyber attack.
The utilities company admitted yesterday that as many as 10pc of its 4.7m customers across Kent, Sussex, Hampshire and the Isle of Wight might have been caught up in a hack, which was discovered on Jan 23.
“We continue to work with our expert technical advisers to confirm whose data is at risk,” Southern said. “Our initial assessment is that this is the case for some of our customers and current and former employees.”
A Russian hacking group quickly claimed responsibility for the cyber attack after it emerged a fortnight ago. The gang, calling itself Black Basta, posted a link claiming to have stolen data from Southern on its dark web hacking forum.
Southern had originally claimed it had “no evidence” that its customers or financial systems had been impacted, before admitting yesterday that up to 465,000 customers may have been victims, as well as many of its 2,000 staff.
The business has a total of 4.7m water and wastewater customers. Some customers had been warned that their bank details and National Insurance numbers could have been stolen. “Based on our forensic investigations so far, which are ongoing, we are planning to notify in the order of 5pc to 10pc of our customer base to let them know that their personal data has been impacted,” Southern said. “We are also notifying all of our current employees and some former employees.”
The company said it had hired cyber security experts to monitor the dark web for signs of the data breach, but so far it had not found any data being leaked online. Customers have been offered fraud monitoring services by Experian as a result of the attack.
The water utility, which is owned by Australian investment firm Macquarie, said it had informed the Information Commissioner’s Office of the breach and was working with the National Cyber Security Centre, an arm of GCHQ.
Black Basta’s hackers typically use computer viruses to lock down a company’s systems and steal its data, demanding a payment in cryptocurrency while threatening to leak stolen information.
The gang previously claimed responsibility for a cyber attack on outsourcer Capita last year.
Cyber security researchers estimate that the gang has extorted more than $100m (£80m) from its victims since it became active in 2022.