Contact Information

FAQs about the Southern Water data breach 

In early 2024, Southern Water experienced a data breach following a cyber-attack. After the privacy failure, our lawyers started an investigation into the Southern Water data breach. We also launched a no-win, no-fee compensation claim.

Here are some of the questions we have been asked about our Southern Water data breach group action.

How did the Southern Water data breach happen?

The security violation occurred following an “illegal intrusion” into the company’s IT systems—in other words, a cyber-attack. The hack is believed to have been carried out by the hacker group Black Basta.

What data was stolen in the Southern Water data breach?

The following information is believed to have been accessed by cybercriminals: 

Employee and past employee data may also have been compromised, such as: 

This personal and financial information may have been stolen for sale on the dark web. 

What has Southern Water said about the breach?

The Southern Water data breach occurred in January, but Southern Water only found out about the incident after it was publicised on the dark web. People use the dark web for both legal and illegal purposes – including to buy and sell stolen data.

A statement from Southern Water confirmed that some customers and some current and former employees had their data stolen in this attack and were at risk.

Following the breach, Southern Water took action to prevent further unauthorised access. The company also conducted a review of its internal security systems to identify and address any vulnerabilities. Southern Water also offered enhanced credit monitoring to affected individuals to help protect them from fraudulent activities.

How many people are affected by the Southern Water data breach?

Data belonging to 5-10% of customers was stolen in the cyber-attack. However, Southern Water provides essential water services to 2.5 million customers and wastewater services to more than 4.7 million customers, so this has the potential to be a far-reaching data breach.

Was my information accessed in the breach?

Southern Water has notified affected individuals. If you have not been told that your data was breached, it is unlikely that you are affected. If you were informed that your data was involved in the Southern Water data breach, you could have a no-win, no-fee compensation claim. Register to receive updates on our investigation and we’ll let you know more.

Am I at risk if my data was stolen in the Southern Water data breach?

To ensure they do not fall victim to further attacks, anyone affected by the Southern Water data breach should be vigilant.

At KP Law, we have seen victims of similar data breaches become the target of cybercriminals with instances of phishing, fraud, and identity theft. Our data protection experts strongly advise anyone involved in this breach to be vigilant and take necessary precautions.

What is a group action?

A group action claim is where a group of people – sometimes even thousands of people – have been affected by the same issue. Group action cases are also known as class actions, multi-claimant, or multi-party actions. 

How much will it cost me to claim?

There are no costs to join our Southern Water data breach claim. However, if your claim is successful, you may have to pay a ‘success fee’. This fee is taken from the compensation awarded to you. At KP Law, our success fee is competitive, and we make sure you are fully informed about any potential costs before you officially join our action. If you lose, you won’t have to pay a penny.

How do I join the Southern Water data breach claim?

Register below to receive updates on our investigation and to find out if you can make a data breach compensation claim.

Deborah Stuttard

Recent Posts

Latest Data Breach Round-Up – June 2024

In our regular update, we provide a roundup of some of the data breaches and… Read More

5 months ago

Join our MOVEit/ Zellis Data Breach Action

We have launched a group action against MOVEit/Zellis. Group actions can be a powerful tool… Read More

5 months ago

One year on – the extent of the MOVEit data hack is just becoming clear

The number of organisations affected by the MoveIt Data Breach is still rising, despite the… Read More

5 months ago

Join our 23andMe Data Breach Action

We have launched a group action against 23andMe. Group actions can be a powerful tool… Read More

5 months ago

ICO and Canadian counterpart to investigate 23andMe data breach

The Information Commissioner’s Office (ICO) has launched a joint investigation into the 23andMe data breach… Read More

5 months ago

Join Our Capita Data Breach Action

We have launched a group action against Capita. Group actions can be a powerful tool… Read More

5 months ago