The British utility company Southern Water, responsible for water supply and wastewater management across England, has reported financial losses amounting to £4.5 million ($5.7 million) following a cyberattack that occurred in early 2024.
Southern Water oversees a vast infrastructure, delivering 570 million liters of water daily through a 14,000-kilometer distribution network and processing over 1.5 billion liters of wastewater via a 40,000-kilometer sewer system. In 2024, cybercriminals infiltrated the company’s IT systems, exfiltrating data from a limited number of servers.
The attack was claimed by the Black Basta ransomware group, notorious for targeting critical infrastructure through extortion-based cyber operations. While Southern Water assured the public that the incident did not disrupt operational processes or compromise customer systems, the investigation and remediation efforts have cost the company millions of pounds.
According to Southern Water’s financial report, the cyberattack incurred substantial expenditures for cybersecurity specialists, legal counsel, and the notification of affected users. Additionally, the data breach may lead to further reputational and legal repercussions.
Leaked internal communications from Black Basta suggest that Southern Water allegedly offered the hackers a £750,000 ($950,000) ransom on February 12, 2024. The attackers had initially demanded $3.5 million, but by the end of February, Southern Water’s name disappeared from the group’s extortion site, potentially indicating that a settlement had been reached.
However, company representatives have neither confirmed nor denied the payment of a ransom. In its official statements, Southern Water has reiterated its previous positions, leaving the question of a possible agreement with the hackers unresolved. Meanwhile, the company has assured that it continues to monitor the dark web for any signs of customer data leaks, though no such breaches have been identified thus far.
