Southern Water letter to cyber attack-hit customers

Letters and emails have been arriving in the last couple of days explaining what happened and what do to now.

On January 22, an organisation on the dark web, which is a hidden area of the internet, claimed to have obtained data from the utility provider.

The company raised the alarm on February 13 and apologised.

In recent correspondence, it says it had previously detected suspicious activity.

An investigation has now been launched, in conjunction with the National Cyber Security Centre, along with other precautionary measures.

Water supplies were not affected, said the provider.

Southern Water told the Echo's sister paper the Isle of Wight County Press it did not know how many customers have been impacted. It said between five and 10 per cent of customers were hit.

It said its focus was on contacting the five to ten per cent of customers affected.

It has assured customers that a link to Experian Identity Plus, offered in the most recent letters and emails, in a bid to help people monitor potential suspicious activity, is safe to use.

It gives 12 months Experian cover for free, as long as membership is activated within two months of getting the correspondence.

Southern Water said it was continuing to monitor the situation and invited customers with questions to contact it, on 0330 303 0025.

Earlier this month, Southern Water said: "Based on our forensic investigations, which are ongoing, we are planning to notify in the order of five to ten per cent of our customer base to let them know that their personal data has been impacted.

“We are also notifying all of our current employees and some former employees.

“We take data protection and information security very seriously and, in accordance with our regulatory obligations, we are making contact with anyone whose personal data may be at risk."

The Information Commissioner's Office (ICO) also confirmed it had received a report about the incident, and was investigating.