Customer data released to dark web following breach

After being targeted by hackers, South Staffs Water has revealed some of its customers bank details may have been accessed and leaked on the dark web.

The water firm was hit by a criminal cyber attack on 16th August. Its parent company South Staffordshire PLC has said it’s began to inform customers impacted by letter.

A subset of customers who pay their water bill by direct debit may be impacted, but not all customers who pay by direct debit. Customers who don’t pay by direct debit are not affected.

Data stolen includes names, addresses, bank details including sort code and account numbers.

“Consumers can have complete confidence that the water we supply is safe,” said South Staffs Water managing director Andy Willicott.

“We understand that customers trust us to keep their data safe and I’d personally like to say sorry to all those customers impacted – we’ll be doing what we can to support you through this. We will continue to invest in protecting our customers, our systems and our data.”

South Staffs Water has now create a helpline for affected customers.

“Investigations like this are very complex and it takes time to understand what happened and then to analyse the data that could have been impacted,” the firm said in a statement.

“As soon as we were aware that we needed to notify our customers in compliance with our legal obligations we began to do so.”

Click here to sign up to receive our new South West business news...