Water firm fined after customers' details hacked
Summary
A water company called South Staffordshire was fined £963,900 after hackers stole personal information of over 600,000 customers. The company did not detect the cyberattack, which began in 2020 and only came to light in 2022, for 20 months.Key Facts
- South Staffordshire provides water to parts of Staffordshire, Walsall, Dudley, Warwickshire, Worcester, and Derbyshire.
- Hackers accessed personal information of 633,887 customers and published it on the dark web.
- The cyberattack mainly happened between May and July 2022 but started in September 2020.
- Hackers used a phishing email to install malicious software and gain administrator access to the company's IT network.
- The breach was discovered in July 2022 after the company noticed IT problems and found a ransom note.
- Over 4.1 terabytes of data, including bank details and staff National Insurance numbers, were leaked.
- Investigators found South Staffordshire had poor security measures and outdated systems, allowing the attack to go unnoticed.
- The company admitted fault and agreed to pay the fine without appealing.
Read the Full Article
This is a fact-based summary from The Actual News. Click below to read the complete story directly from the original source.