Contact details and national security numbers could have been stolen from Southern Water customers following cyber attack

The announcement, which went live on Southern Water’s website earlier today (February 12), confirms that ‘a limited part’ of the company’s server estate is at risk following an illegal intrusion earlier this year.

Apologising for the breach, a spokesperson confirmed that the company is working with “expert technical advisers to confirm who is at risk,” and making contact with customers whose personal data may have been stolen.

The notifications will contain security advice, guidance on recommended precautionary steps, on details of the ongoing support they are being offered.

Emails sent to customers say that the leaked information could include their name, contact information, date of birth and national insurance number.

Southern Water teams first noticed signs of illegal activity on January 22, when they became aware of cyber criminals claiming to have stolen data from private servers. The company has teamed with leading independent cybersecurity experts to continue to monitor the dark web – where the criminals are based – and have since found no new evidence which suggests the data stolen during the leak has been published. Monitoring is expected to continue, however.

"Throughout this process we have been working with Government, our regulators and the National Cyber Security Centre. We have also notified the police and the Information Commissioner's Office,” a spokesperson said.

“Since the incident, our IT security teams have worked with independent incident response experts, using enhanced monitoring and protection tools to check actively for any suspicious activity on our IT estate. Southern Water’s operations and services to customers have not been impacted.”