The ransomware attack on South Staffordshire Water last August may have exposed the banking information of its users. The latest investigation revealed that the cybercriminals behind the attack may have stolen all the banking details of the consumers of the water supplier.
At the time of the attack disclosure, the water-supplying company assured everyone that only its corporate network had experienced the disruptions. However, the recent results from an investigation revealed that customers who paid their bills through direct debit may have had their information stolen by the attackers.
Based on reports, the impacted banking details include the names and addresses of the customers, account numbers, and sort codes utilised by a user to prepare direct debit payments. A representative from the affected entity also explained that they have now informed the potentially affected customers regarding the threat possibility.
In addition, South Staffordshire Water staff stated that they had notified numerous regulatory entities, such as the National Cyber Security Centre, National Crime Agency, and the water services regulation authority Ofwat.
The recent ransomware attack against South Staffordshire Water became one of the focal points in the UK meetings.
Researchers explained that the disruption in South Staffordshire Water operation was one of several topics that they closely discussed with officials in the Cabinet Office Briefing Rooms meetings. The gathering of numerous important officials has discussed the risks posed by cyberattacks against their critical infrastructures.
In a related topic, some researchers claimed that the culprit behind the South Staffordshire Water attack is the Cl0p ransomware group. This assumption the researchers made its point after the ransomware group mistakenly claimed to have access to a separate water company’s network.
Fortunately, the group’s leak site claimed that the actors decided not to encrypt the targeted company’s files. Still, they demanded extortion payment to prevent the leak of stolen data and how they managed to access the company’s network.
The water supply company is working closely with their 18 affected employees. They expect more clients to reach out to them after revealing that the attack also affected the banking details.
