© 2023 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Hackers post data dump from UK water company cyberattack, says Twitter pundit

The cybercriminal gang believed to be responsible for the recent breach of South Staffordshire’s defenses has published sensitive employee data that it obtained from the attack, according to trusted commentators on Twitter.

The water company issued a statement on August 15 in which it admitted it had been “the target of a criminal cyberattack” but denied this had affected its ability to supply water safely to its more than one million customers in the UK.

That prompted Kevin Beaumont, aka @GossiTheDog – a respected Twitter infosecurity expert who enjoys more than 140,000 followers despite profiling himself as a “cybersecurity pleb” whose “tweets are severely limited by my lack of understanding of what I am doing” – to start keeping tabs on the beleaguered water company.

According to Beaumont, a threat group called Clop is behind the cyberattack – and in a follow-up statement he claims that it has now spilled the beans on an undisclosed number of victims among the target company’s employees.

“Clop have now posted the data dump of South Staffordshire Water,” said Beaumont. “It includes a significant amount of PII [personally identifying information] of staff, for instance passports, and lots of corporate data.”

The data disclosure also appears to include passwords, which Beaumont says have been made viewable on an Excel spreadsheet, and he also believes Clop managed to access the part of the water network operated by South Staffordshire.

Beaumont’s latest tweet on the subject declares that the alleged threat group began exfiltrating data as far back as July 18, in what he described as “classic Clop playbook.”

Another Twitter pundit, Falcon Feedsio, which says it publishes data taken from the dark web regarding ransomware attacks, recently appeared to confirm Beaumont’s claims.

“Clop ransomware group has added South Staffordshire Water, utility company in UK, to their victim list,” it tweeted. “They have published Part One of the leaked data, which includes passport, driving license, IP, mail ID, [and] passwords.”

At the time of writing, Cybernews was unable to verify the authenticity of the claims, although Falcon and Beaumont are both regarded as trusted cybersecurity sources.

More from Cybernews:

Bitcoin ATMs hijacked by mystery threat actor

5.7bn data entries found exposed on Chinese VPN

VIASAT hack impacted French critical services

Estonia suffers severe cyberattack after removing Soviet monuments

Russian citizen to face ransomware laundering charges in US

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are marked