Southern Water: On Monday 12 February 2024 we announced that data from a limited part of Southern Water’s server estate had been stolen and was at risk following an illegal intrusion into our IT systems. This arose from our ongoing investigation into suspicious activity, as detailed in our statement on 23 January 2024.
We are very sorry that this has happened.
We continue to work with our expert technical advisers to confirm whose data is at risk. Our initial assessment is that this is the case for some of our customers and current and former employees.
We have engaged leading independent cybersecurity experts to monitor the “dark web”. They continue to report to us that, since we were named on the cyber criminals’ site on 22 January 2024, they have found no new evidence of the data potentially involved in this cyber incident being published online. They will continue to carry out their checks for as long as is necessary.
We take data protection and information security very seriously and, in accordance with our regulatory obligations, we are making contact with anyone whose personal data may be at risk.
Based on our forensic investigations so far, which are ongoing, we are notifying in the order of 5 to 10 percent of our customer base to let them know that their personal data has been impacted. We are also notifying all of our current employees and some former employees.
No comments:
Post a Comment