Two major water companies, Veolia North America in the United States and Southern Water in the United Kingdom, have been targeted in ransomware attacks that resulted in data breaches.
Veolia describes itself as the world’s largest private player in the water sector, providing water and wastewater services to tens of millions of people.
In a notice posted on its website, Veolia North America revealed that its Municipal Water division was hit by ransomware last week. In response to the incident, the company took down the targeted backend systems and servers, which disrupted online bill payment systems.
“This incident seems to have been confined to our internal back-end systems at Veolia North America, and there is no evidence to suggest it affected our water or wastewater treatment operations,” Veolia said.
The water company has also determined that the personal information of “a limited number of individuals” may have been compromised. Affected people will be notified by the firm.
No known ransomware group appears to have taken credit for the attack on Veolia.
Across the pond, a ransomware group targeted Southern Water, which provides water services to 2.5 million customers and wastewater services to 4.7 million customers in the South of England.
A statement issued by the company on Tuesday confirmed that suspicious activity was detected on its systems and an investigation has been launched.
The statement came after the Black Basta ransomware group listed Southern Water on its leak website, claiming to have stolen 750 Gb of files, including ones containing personal information and corporate documents. The hackers posted several screenshots showing that they obtained identification document scans (passports and driver’s licenses) and other documents containing personal information.
The cybercriminals are threatening to make the stolen data public in five days if Southern Water refuses to pay a ransom.
The water utility is investigating the claims, but has currently found no evidence that customer relationship or financial systems have been impacted. “Our services are not impacted and are operating normally,” it said.
The water sector in the West has been increasingly targeted by malicious cyber actors. Hackers believed to be affiliated with the Iranian government last year targeted industrial control systems (ICS) at multiple water facilities in the United States.
In Ireland, a cyberattack targeting the systems of a small utility caused significant disruption, leaving people without water for two days.
Related: US Gov Publishes Cybersecurity Guidance for Water and Wastewater Utilities
Related: States and Congress Wrestle With Cybersecurity After Iran Attacks Small Town Water Utilities
Related: CISA Offering Free Vulnerability Scanning Service to Water Utilities