Penny Horwood reports:
The ransomware attack on Southern Water approximately one year ago by the Russia-linked Black Basta group has cost the utility provider more than £4.5 million to date, according to the utility company’s annual report.
An extract from the publicly available Southern Water annual report says:
“..in February 2024 we announced that data from a limited part of our server estate had been stolen through an illegal intrusion into our IT systems. We engaged external cyber security experts and legal advisers in response, as well as contacting anyone whose personal data may have been at risk. We have incurred £4.5 million in responding to this exceptional incident during the year.”
Southern Water provides water to more than 2.5 million customers across Kent, Sussex, Hampshire and the Isle of Wight, approximately 10% of which had data compromised by the attack.
The Register spotted a reference to a $750,000 payment in the thousands of internal messages from the Black Basta gang which were leaked two weeks ago. When asked by The Register to confirm whether this ransom had been paid, Southern Water said the following:
“As soon as we became aware, over a year ago, of an illegal intrusion affecting our IT systems (not affecting our operations or services to customers), we informed all relevant bodies, including NCSC and Defra. We and our advisers worked closely with NCSC throughout the incident.”
Read more at Computing.co.uk.