Menu
On Monday 15th of August 2022, South Staffordshire confirmed that they had experienced IT disruption from a cyberattack. The released announcement explained that the safety and water distribution systems are still operational and therefore there is no impact on the supply of safe water to its customers or those of its subsidiaries, Cambridge Water and South Staffs Water.
“This is thanks to the robust systems and controls over water supply and quality we have in place at all times, as well as the quick work of our teams to respond to this incident and implement the additional measures we have put in place on a precautionary basis,” – South Staffordshire announcement.
Although South Staffordshire’s announcement was released following the announcement by the Clop ransomware gang that claimed Thames Water as their victim where they stated they allegedly had accessed the SCADA systems which they could manipulate to cause harm to 15 million customers. The announcement also stated they had allegedly stolen 5TB from the compromised systems.
Although, after the ransomware group published the first sample of stolen data following a supposed collapse in the negotiations of the ransom payment, Thames Water officially disputed the claims by Clop. The released statement by Thames Water stated that the reports of Clop having breached its network were “cyber-hoax” and that its operations are at full capacity.
It was later revealed that Clop had possibly misidentified the victim based on the leaked stolen data that included passports, screenshots from water treatment SCADA systems, and driver’s licenses, the data contained mentions of South Staff Water and South Staffordshire.
NCSC Threat Reports Feed© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.
