Blog - Business IT Brighton

Southern Water: faces reputational fallout with confirmed cyber hack

Written by Gary | Mar 14, 2024 4:15:40 PM

Whilst Southern Water, operations and services have not been affected, the company is under siege because of a recent cyber attack orchestrated by the Black Basta group (January 2024). The group illegally stole data from the utility company and allegedly released it onto the web.

This blog was originally published to the website of CNC, who are now the Brighton branch of FluidOne.

Southern Water now admits that as many as half a million customers' personal information may have been stolen in the recent cyber attack"

Southern Water has now confirmed that stolen data includes such information as names, dates of birth, national insurance numbers, bank account details, as well as reference numbers. The company is working with various agencies to resolve the situation. The following email has been sent out to soften the blow.

Dear,

I am very sorry to inform you that Southern Water has been the target of an illegal cyber attack, which has unfortunately affected the security of some of your personal data……..

 

  • Basic personal details for administering your account and identifying you, such as your name and contact details. This may include your national insurance number and date of birth if you have provided these details to us.
  • Financial information including your sort code, bank account number and payment reference number.

 

Lessons Learned

If you want to avoid sending out such an email to your customers, then the following tips are a step in the right direction.

  • Protect your email with a strong password.
  • Do not share your password with anyone.
  • Install the latest security updates to your browser software and personal computing devices.
  • If in doubt, do not open emails from senders you do not recognise.
  • Check links look correct before you click on them.
  • Be suspicious of anyone who asks for your bank account or credit card details.
  • If the email contains spelling mistakes, this can be a sign that this is a phishing scam. Do not open the email or attachments.

Southern Water is a privately owned company, and the reputational damage caused by the cyber attack could potentially affect further long-term investment opportunities for the company. Equally, customers have been put at risk if cybercriminals have stolen what they say they have.  Affected individuals are being offered enhanced credit monitoring services for the next 12 months, free of charge/fully paid for by Southern Water.

If you are at all concerned about how your data has been handled by Southern Water then it’s best to contact the Information Commissioner's Office (ICO) directly.

Please contact the team at 01273 384 100.

By Gary Jowett

Gary has always focused on making sure the most appropriate solution is provided to help customers, not just what's new and shiny.
With over 30 years in the IT industry Gary has the experience to tell the difference between something that's game-changing or is just a passing fad!
View full post