Southern Water is under scrutiny following a ransomware attack in January 2024, with alleged communications suggesting a ransom demand from the hacker group Black Basta. While the utility company did not confirm a reported offer of $750,000, it stated that an illegal intrusion had been dealt with without impacting its operational services. Internal chats indicate that Southern Water was initially asked for $3.5 million, but negotiations progressed towards a lower amount in the face of operational realities. The incident highlights ongoing challenges in cybersecurity for utilities.
As soon as we became aware, over a year ago, of an illegal intrusion affecting our IT systems (not affecting our operations or services to customers), we informed all relevant bodies, including NCSC and Defra.
I discussed your offer with the Board, and as I expected, your current demand is still too steep for us to even consider...we're prepared to face whatever challenges may come as a result of this incident.
The Board is ready to increase our numbers to show you that we're taking this negotiation seriously and hope to reach an agreement with you sooner rather than later.
We're now offering to pay you $750,000 in exchange for a speedy resolution of this incident.
Collection
[
|
...
]