The UK’s Information Commissioner’s Office has fined South Staffordshire Water and its parent company £963,900 for a major data breach that exposed personal and financial information belonging to 663,887 customers and employees.
The incident began with a phishing email in September 2020 that led to malware being installed on the company's network.
The intrusion went undetected for 20 months, during which the attackers escalated their access to domain administrator level and went on to publish names, addresses, bank details, login credentials and other sensitive data on the dark web.
The ICO cited key security failures including security monitoring that covered only 5% of the IT environment, continued use of obsolete software such as Windows Server 2003 (out of vendor support since July 2015), and inadequate patching and vulnerability management.