The South Staffordshire Water company that supplies over 300 million litres of drinking water to 1.6 million consumers daily has confirmed that the Clop ransomware gang has disrupted their IT systems.
Fortunately, the company’s safety and water distribution systems are still ongoing. South Staffordshire Water assured that all their service teams operate like a standard operation and that consumers should not worry about the risk of extended outages due to cyberattacks.
Clop ransomware gang may have been extorting the wrong water company.
According to researchers, the Clop ransomware group claimed that they are the group that hijacked the Thames Water company. The group said they have access to the company’s SCADA system, which could allow them to manipulate the water supply and cause harm to millions of consumers.
The attackers then informed Thames Water of its network security vulnerabilities and claimed they acted incompetently by not encrypting the 5TB of data. After the claim, the threat actors published the first stolen data, including screenshots from water treatment SCADA systems, driver’s licenses, passports, and more.
However, Thames Water has officially denied the adversaries’ claims by saying that the reports of Clop having breached their network are merely a hoax, and their operations are unaffected.
Researchers also stated that Thames’ claim of Clop’s hoax was based on the threat actors’ spreadsheet containing South Staffordshire email addresses.
Other researchers also believe Clop gang is attempting to extort a much larger company using phoney evidence. These recent attacks against water companies are taking advantage of the ongoing drought in Europe.
This detail shows that malicious threat actors are willing to attack vulnerable companies during the rough time since water suppliers will surely struggle during the drought periods across every country in Europe.
Cybersecurity experts believe that Clop ransomware gang will correct this mistake by extorting the targeted company, which corresponds to the stolen data.
