In July 2022, South Staffordshire PLC, the parent company of South Staffordshire Water discovered that it had experienced a cyber-attack. When the water company first announced the cyberattack in August 2022, it was reported that the criminals had accessed the personal data of current and former South Staffordshire Water employees.
Following the breach, South Staffordshire Water said that it had been “working with leading forensic experts to investigate fully what happened”, and in a subsequent statement, the company confirmed that the “incident resulted in unauthorised access to some of the personal data we hold for a subset of our customers.” The affected details were believed to include:
We launched a group action to help those involved in the South Staffordshire Water data security failure claim compensation for any distress or losses experienced because of this breach.
When the attack first came to light, a ransomware group claimed to have hacked a different water company’s network (Thames Water) and demanded an extortion payment to prevent the release of the stolen data. Some of the stolen information was later shared on the dark web. However, the hackers misidentified the water company and it was South Staffordshire Water that was affected. The hackers also claimed that they could change the chemical composition of the water, but stressed that they were “not interested in causing harm to people”. South Staffordshire Water rebuffed claims that the criminals could poison water supplies.
The information exposed in this breach included the name and address of the water account holder, together with the sort code and account number used for the Direct Debit.
South Staffordshire Water contacted the affected individuals.
KP Law has some of the most skilled data breach lawyers in England and Wales. Here are just some of our success stories.
KP Law is a founding member of the Collective Redress Lawyers Association (CORLA). CORLA aims to improve access to justice for claimants by way of collective redress.
