Thursday, February 15, 2024

Southern Water Hacked

Southern Water are sending out emails to customers wrt a recent hack of their database.

"Cyber attack: important information about your personal data  

I am very sorry to inform you that Southern Water has been the target of an illegal cyber attack, which has unfortunately affected the security of some of your personal data, as one of our customers.

We are currently conducting an intensive investigation into this, supported by industry experts and following guidance from our regulators together with the National Cyber Security Centre. Our operations and services have not been impacted and your water supply is unaffected.

As a result of this investigation, we have reason to believe that the data stolen and at risk, and which relates to you, may include:

  • Basic personal details for administering your account and identifying you, such as your name and contact details. This may include your national insurance number and date of birth if you have provided these details to us.

  • Financial information including your sort code, bank account number and payment reference number.

What we are doing to reduce the risk to you  

Southern Water takes its data protection and information security responsibilities to you seriously, and so we are bringing this to your attention as soon as we can. We are working closely with the regulatory authorities. We have notified the Information Commissioner’s Office and are in regular contact with the National Cyber Security Centre. In addition, we have taken further steps, with support from independent cybersecurity experts, to enhance the security monitoring of our IT infrastructure.

We have also engaged a reputable third party to monitor the dark web on our behalf. They report that, since we were named on the cyber criminals’ site on 22 January 2024, they have found no new evidence of data potentially compromised by this cyber incident being published online. They will continue to carry out these checks for as long as necessary.

To ensure that we’re doing everything we can to look after you, we are offering you a 12-month, free-of-charge, enhanced Experian credit monitoring membership. This service provides identity monitoring and helps detect possible misuse of your personal information. It also supports identification and resolution of identity theft incidents....

What is the background?  

On 22 January 2024 we became aware that a cyber criminal organisation was claiming on its website to have stolen data from some of our IT systems.

We had previously detected suspicious activity and launched an investigation, as well as enhanced monitoring and other precautionary measures. Our independent cyber security specialists continue to investigate.

What happens next?  

The information we have provided is based on what we know at this time. Our investigation remains active, and should we receive any additional material information, we will contact you.

Once again, I am very sorry that this has happened and for any inconvenience this illegal breach of data may cause you. We are working closely with the authorities and industry experts, to do everything possible to manage the situation and support you at this time.

Please call our dedicated customer service team on 0330 303 0025 if you have any questions.


The National Cyber Security Centre, the Financial Conduct Authority and the Information Commissioners Office all provide helpful information to help protect your data and prevent fraud. This is summarised below with some useful links.

- Stay alert against any suspicious calls, texts or emails which could be a scam. If you receive any suspicious messages or calls, do not hand over any information such as your bank account details. Instead, hang up, or delete any worrying texts or emails and then contact your bank to report the suspicious activity. The FCA has some useful information on how to spot the warning signs of financial scams at

- Cyber criminals commonly use a scam technique called “phishing”, which is mostly email-based but can also be via telephone calls, to lure victims under false pretences to websites which appear legitimate to get them to provide information including bank account and credit card details. These emails/phone calls appear to be from recognisable sources such as banks but actually link to fraudulent websites. To help prevent phishing:

  • Protect your email with a strong password.

  • Do not share your password with anyone.

  • Install the latest security updates to your browser software and personal computing devices.

  • If in doubt, do not open emails from senders you do not recognise.

  • Check links look correct before you click on them.

  • Be suspicious of anyone who asks for your bank account or credit card details.

  • If the email contains spelling mistakes, this can be a sign that this is a phishing scam. Do not open the email or attachments.

- More helpful information on how to protect your data can be found on the National Cyber Security Centre’s website - and the Information Commissioner’s Office website – and"


  • Southern Water, a UK water utility company, confirmed that their IT systems were compromised in a cyberattack in January 2024.
  • Hackers stole data from a "limited portion" of their server infrastructure, affecting potentially hundreds of thousands of customers.
  • The data breach was claimed by the Black Basta ransomware group, who threatened to release the stolen information unless a ransom was paid.
  • Southern Water has not confirmed the extent of the data stolen, but reports suggest it may include names, addresses, and contact information.

Current situation:

  • Southern Water is working with cybersecurity experts to investigate the breach and monitor the dark web for any signs of leaked data.
  • No evidence of the stolen data being published online has been found so far.
  • The incident has been reported to the UK's Information Commissioner's Office.


  • The affected customers have been notified and are advised to be cautious of phishing attempts or suspicious activity.
  • The full impact of the breach is still being assessed, but it could potentially lead to identity theft, financial fraud, or other forms of harm.

Additional resources:


Tax Investigation Insurance

Market leading tax fee protection insurance for businesses, sole traders and individuals. Protect yourself from accountancy fees in the event of an HMRC enquiry.

Having a Solar Protect Tax Investigation Insurance policy at your disposal means that should you be one of the many 1000's of businesses or individuals that are selected by HMRC each year to look into your tax affairs your own accountant (your tax return agent) can get on and defend you robustly.

You have the peace of mind knowing that your accountant's (your tax return agent) fees will be paid by the insurance without any Excess for you to find.

Tax Investigation Insurance is an insurance policy that will fully reimburse your accountant's (your tax return agent) fees up to £100,000 if you are subject to enquiry by or dispute with HMRC.

A Solar Protect policy will enable your accountant (your tax return agent) to:

  • Deal with any correspondence from HMRC
  • Attend any meeting with HMRC
  • Appeal to the First-tier Tribunal or Upper Tribunal
  • Having the security of knowing that fees will be met in full will enable your Accountant (your tax return agent) to defend your position robustly

Please click here for details.

No comments:

Post a Comment