Reading Time: 3 minutes

UK water company confirms cyber attack

13th February 2024 | Modified: 20th February 2024

Categories: Security

Reading Time: 3 minutes
Southern Water

Southern Water, a water utility company that provides essential drinking water and wastewater treatment services to more than 4.5 million customers across Sussex, Kent, Hampshire and the Isle of Wight, confirmed that they were looking into claims by cyber hackers. Black Basta claim to have stolen 750 gigabytes of personal and corporate information from the utility company and the cyber thieves were attempting to hold Southern Water to ransom.

The cyber thieves were attempting to hold Southern Water to ransom”

Southern Water officials stated that they were aware of a claim made by the cybercriminal gang Black Basta that they had not only taken the information but had posted a list of victims on a Tor Leak site. As soon as the claim was made, Southern Water immediately launched an investigation to find out if there was any truth in the claim. The gang said that that would expose all of the data stolen within 7 days if the ransom were not paid.


The water company, then went on to say that a limited amount of data had been published on the leak site, however none of their services had been impacted, but that they were in fact, operating normally. Furthermore, Southern Water had also, as the law requires, reported the matter to the Government and the ICO (Information Commissioner’s Office). Companies are legally obliged to report any kind of information breach to the ICO within 72 hours of becoming aware of it.


Black Basta, has been active since 2022, and first came to prominence as the cybercriminals behind the Capita cyber attack back in 2023. Capita is the UK’s largest outsourcing services company. The subsequent fallout from that cyberattack affected more than 90 companies around the world.

Black Basta operates as a ransomware-operator-as-a-Service (Raas). They target prominent enterprise victims directly, typically gaining access to a company’s network via a malicious link, delivered by email.


Southern Water stated that there was no evidence that any kind of customer, or employee’s personal or corporate data had been stolen. The company went on to say; “If, through the investigation, we establish that customers’ or employees’ data has been stolen, we will ensure they are notified, in accordance with our obligations.”

If you have any concerns or you would like additional support with your cyber security planning, please contact the team at: or call us on 01273 384 100.

UK water company confirms cyber attack

By Gary Jowett

Gary has always focused on making sure the most appropriate solution is provided to help customers, not just what's new and shiny. With over 30 years in the IT industry Gary has the experience to tell the difference between something that's game-changing or is just a passing fad!


We’re always open for a chat, so get in touch to find out how we can help