A data breach has been reported at Southern Water, the water company
Southern Water announced the breach on February 12 and put a statement on its company’s press line.
It is believed that “data from a limited part of Southern Water’s server estate had been stolen and was at risk following an illegal intrusion into our IT systems”.
The breach was discovered after the water company investigated the intrusion on January 23.
Southern Water continues to work with its cyber security experts to monitor the ongoing situation. It is known that the breach has affected customers and former employees.
You can read the full statement here
What has Southern Water said?
A spokesperson for Southern Water said: “We have engaged leading independent cybersecurity experts to monitor the “dark web”. They continue to report to us that, since we were named on the cyber criminals’ site on January 22, 2024, they have found no new evidence of the data potentially involved in this cyber incident being published online. They will continue to carry out their checks for as long as is necessary.
“We take data protection and information security very seriously and, in accordance with our regulatory obligations, we are making contact with anyone whose personal data may be at risk.
“Based on our forensic investigations so far, which are ongoing, we are notifying in the order of 5 to 10 percent of our customer base to let them know that their personal data has been impacted. We are also notifying all of our current employees and some former employees.”
The water company has been in contact with Government, regulators and the National Cyber Security Centre.
Southern Water continues: “These notifications include security advice, as well as guidance on recommended precautionary steps and details of the support we are offering them. This support includes enhanced Experian credit monitoring, free of charge, for the next 12 months. The service provides active monitoring which can detect and help prevent fraudulent misuse of personal information.
“Throughout this process we have been working with the Government, our regulators, and the National Cyber Security Centre. We have also notified the police and the Information Commissioner’s Office.
“Since the incident, our IT security teams have worked with independent incident response experts, using enhanced monitoring and protection tools to check actively for any suspicious activity on our IT estate. Southern Water’s operations and services to customers have not been impacted.
“Further updates will be posted on our website and social media channels as we know more. Please be assured that if at any point we have reason to believe your data may be impacted, we will notify you, in line with our regulatory obligations.”
In an era where financial fraud is on the rise, UK businesses are increasingly finding themselves targeted by cybercriminals deploying sophisticated scams. The financial
The UK government is ramping up efforts to strengthen national cyber defences with the introduction of the Cyber Security and Resilience Bill. This legislation
In the ever-evolving world of cybersecurity, AI is no longer just a tool for defense—it’s now being weaponised by cybercriminals to launch more sophisticated
The rapid pace of digital transformation has made it increasingly challenging for small and medium-sized businesses (SMBs) to keep up with evolving technology needs.
4th Platform is proud to support LegalAI in transforming the legal industry with cutting-edge AI solutions. One of LegalAI’s latest successes is its partnership
The UK’s IT industry is experiencing an unprecedented skills gap, with businesses struggling to find qualified professionals to fill critical roles. As technology continues
Data Privacy Day is more than just a date on the calendar—it’s a global reminder of the critical importance of safeguarding data in today’s
What a year for technology 2024 has been! As we step into 2025, the pace of innovation shows no signs of slowing down. From
In the rapidly evolving digital landscape, data protection remains a critical focus for businesses operating in the UK. Post-Brexit, the UK’s data protection framework
In today’s digital landscape, the consequences of non-compliance in IT security are severe and far-reaching. Organisations that fail to meet established security standards not
