A UK water company announced that bank details of customers might have been leaked on the dark web following a cyberattack back in August.
South Staffordshire PLC is the parent company of South Staffs Water and Cambridge Water, which provides drinking water to over a million people. It’s currently unclear how many of their customers were affected.
Now, the company revealed that the potentially accessed data included names and addresses of customers, as well as sort codes and account numbers used for direct debit payments.
This puts in danger people who have a direct debit set to pay for water services.
"Our investigation has now found that the incident resulted in unauthorised access to some of the personal data we hold for a subset of our customers. We are writing to those customers who have been impacted via letter so that they can take appropriate action,” the official statement reads.
Despite that, South Staffs Water assured that "the water we supply is safe."
The potentially affected customers were notified and received an offered free access to a credit monitoring service for 12 months. An official helpline was also set up.
“There is a risk that criminals may try to use this compromised data to carry out fraud, in particular by submitting fraudulent Direct Debit mandates to your bank or building society using the data compromised in the cyber attack,” the company said in a letter.
More from Cybernews:
Subscribe to our newsletter