UK Water Supplier Hacked, But Did Ransomware Gang Hit Wrong Target?
A cyberattack has hit a UK water supplier that serves 1.6 million residents, but the ransomware gang responsible may have bungled the extortion attempt.
On Monday, South Staffordshire PLC reported(Opens in a new window) it had suffered a “criminal cyber attack” that had caused a disruption to the company’s IT systems. Fortunately, the company continues to pump clean water to local residents as the UK faces a drought.
“This incident has not affected our ability to supply safe water and we can confirm we are still supplying safe water to all of our Cambridge Water and South Staffs Water customers,” the company wrote in a statement.
South Staffordshire reported the hack after a ransomware gang called CL0P announced it had recently hacked a UK water supplier. The only problem? CL0P claims it hacked a different company called Thames Water—the largest water supplier in the UK.
On Tuesday, Thames Water issued(Opens in a new window) a public statement that called out the ransomware attack from CL0P as a hoax. “We are aware of reports in the media that Thames Water is facing a cyber attack. We want to reassure you that this is not the case and we are sorry if the reports have caused distress,” the company said.
CL0P didn’t immediately respond to a request for comment. But the ransomware group should have been aware it hacked South Staffordshire and not Thames Water. CL0P’s website on the dark web shows the group stole internal files marked with the name South Staffordshire and emails belonging to the south-staffs-water.co.uk domain. This suggests CL0P may have been trying to extort a larger, more lucrative victim by claiming it had hacked Thames Water, as noted(Opens in a new window) by BleepingComputer.
CL0P’s site also
Read more on pcmag.com
