Southern Water, a water company serving counties in Southern England, has issued a statement declaring that the organisation has become aware of a claim by cybercriminals that data has been stolen from some of its IT systems.
The statement says: “We had previously detected suspicious activity, and had launched an investigation, led by independent cybersecurity specialists.
“Since then, a limited amount of data has been published. However, at this point there is no evidence that our customer relationships or financial systems have been affected. Our services are not impacted and are operating normally.
“We have informed the government, our regulators and the Information Commissioner’s Office; and we are closely following the advice of the National Cyber Security Centre (NCSC) as our investigation continues.
“If, through the investigation, we establish that customers’ or employees’ data has been stolen, we will ensure they are notified, in accordance with our obligations.” Trevor Dearing, Director of Critical Infrastructure, Illumio, said: “Although Southern Water is aware of and investigating the breach, by the time an attack is detected it’s often too late. Attackers are spending more and more time in organisations’ networks to build a picture before launching an attack, so organisations must assume the bad guys are already in and make it harder for them to move across resources and environments.
“On this occasion, it seems like the goal was data exfiltration rather than causing maximum disruption. While this is undoubtedly concerning for customers, the outcome could have been much worse.
“Attackers will do whatever they can to get the quickest payout, so operators must prioritise security strategies like Zero Trust that can reduce the risk and impact of attacks.”