Southern Water confirms cyber attack affects data of some customers and former and current staff

Southern Water

Southern Water has confirmed that it has been the target of a cyber attack with personal data stolen from some customers and current and former staff members during the “illegal intrusion.”

The data theft was discovered as part of an ongoing investigation launched last month amid claims of the act by ‘cybercriminals.’

In a statement Southern Water said: “We have confirmed that data from a limited part of Southern Water’s server estate was stolen and is at risk following an illegal intrusion into our IT systems. This arises from our ongoing investigation into suspicious activity, as detailed in our statement on 23 January 2024.

“We are very sorry that this has happened.   We continue to work with our expert technical advisers to confirm whose data is at risk. Our initial assessment is that this is the case for some of our customers and current and former employees.

“We have engaged leading independent cybersecurity experts to monitor the “dark web”. They continue to report to us that, since we were named on the cyber criminals’ site on 22 January 2024, they have found no new evidence of the data potentially involved in this cyber incident being published online. They will continue to carry out their checks for as long as is necessary.

“We take data protection and information security very seriously and, in accordance with our regulatory obligations, we are making contact with anyone whose personal data may be at risk.

“Based on our forensic investigations so far, which are ongoing, we are planning to notify in the order of 5 to 10 percent of our customer base to let them know that their personal data has been impacted. We are also notifying all of our current employees and some former employees.

“These notifications will offer security advice, as well as guidance on recommended precautionary steps and details of the support we are offering them.”


Southern Water has been working with Government, regulators and the National Cyber Security Centre as well as notifying police and the Information Commissioner’s Office.

The statement adds: “Since the incident, our IT security teams have worked with independent incident response experts, using enhanced monitoring and protection tools to check actively for any suspicious activity on our IT estate. Southern Water’s operations and services to customers have not been impacted.”

Anyone with specific questions relating to the cyber incident can call 0330 303 0025.



  1. Love this stock pic you always use on any report on SW Kathy 🙂 it must be the one and only sign written van they have as they sub out all their work.
    I like the bit “We continue to work with our expert technical advisers” Oh the ones that helped cause the data security breach? – That’s OK then …….
    This needs a complete independent government investigation.

  2. Anyone still think Thatcher was right in selling of our country’s utilities ?

    It’s all about making money for the shareholders. When these companies get fined they just put the price so we ‘customers’ pay the fine !

  3. Aren’t Southern water real treasures, with with the government ineffective in controlling the standards which the do not comply with, pollutants discharged in rivers, ocean, so many leaks and not to mention government ministers in their pockets to turn a blind eye. Most of these privatised firms are out of control with no ambition of delivering an excellent service just profit focused. They are all a disgrace much like the MPs which give them the rope but never hang them with it.

Comments are closed.