U.K.-based water utility Southern Water has confirmed that hackers stole the personal data of as many as 470,000 customers in a recent data breach.
Southern Water, which provides water and wastewater services to millions of people across the South East of England, in a statement said that it plans to notify 5 to 10 percent of its customer base that they had personal information stolen by hackers during a cyberattack in January.
The utility giant declined to say exactly how many individuals are so far affected.
Southern Water notes that the 5 to 10 percent figure is based on its ongoing forensic investigations, suggesting the actual number of individuals affected could be higher.
Reports however state that hackers accessed customers’ dates of birth, national insurance numbers, bank account details, and reference numbers.
Southern Water said it also planned to notify current and some former employees about the breach of their personal information. In its latest annual report, Southern Water says it has approximately 6,000 employees.
The January cyberattack on Southern Water, which the company first disclosed on January 23, was claimed by the Black Basta ransomware group, a Russia-linked gang that last year took responsibility for a hack on U.K. outsourcing giant Capita.
Southern Water has not yet commented on the specifics of the incident or how its systems were compromised. The company also said it has notified the U.K.’s data protection regulator, the Information Commissioner’s Office, about the incident.
Philips Babatunde