South Staffordshire Water Data Breachcheck your eligibility
In August 2022, South Staffordshire PLC, the parent company of South Staffordshire Water, disclosed that it had suffered a criminal cyber-attack that exposed customer data. The malicious actor had lurked within South Staffs Water systems for two years before obtaining administrator access and reams of user data. More than 630,000 customers are thought to have been affected.
We’ve partnered with a specialist law firm for data breach claims to explore a potential group action claim against South Staffordshire Water. You can check eligibility for a potential data breach claim. If eligible, register to receive updates from us, including how to submit your claim if it moves forward.
Find Out If You Can Register Your Interest
Sign up for a potential South Staffordshire Water data breach claim to register your interest and be notified if the claim moves forward.
THE FACTS SO FAR
What do we know about the South Staffordshire Water data breach?
South Staffordshire PLC discovered the cyber-attack in July 2022 and began notifying the public in August. By then, it was too late: the company said that "all impacted customers will have had some of their personal data published on the dark web."
The company has indicated that personal and financial information, such as customers' addresses and bank details, could have been exposed to cyber-criminals.
The matter was reported to the police and to the Information Commissioner's Office (ICO), who fined South Staffs PLC £963,900.
Please note that claims for personal injury or recognised psychiatric injury are generally subject to a three-year limitation period from the date of the incident. As the matters under investigation occurred in 2022, such claims may now be time barred.
However, this does not prevent claimants from pursuing claims for distress, loss of control of personal data, or other non-material damage arising from the data breach.
If you wish to pursue a claim for personal injury or psychiatric injury, you are free to seek independent legal advice or consult an alternative legal representative.
FREQUENTLYASKED QUESTIONS
South Staffordshire Water suffered a major cyber attack that began in September 2020 after attackers gained access through a phishing campaign. Attackers remained undetected within the network for an extended period before stealing and publishing large quantities of personal data on the dark web.
The ICO confirmed that approximately 633,887 UK data subjects had personal data published on the dark web following the breach.
The exposed data reportedly included names, addresses, contact details, dates of birth, financial information, National Insurance numbers, HR records, usernames, passwords and certain sensitive personal data.
The ICO concluded that South Staffordshire Water and South Staffordshire Plc failed to implement appropriate cybersecurity measures and issued a monetary penalty notice of £963,900.
South Staffordshire Water released this FAQ on their website about the breach: https://www.south-staffs-water.co.uk/help-and-advice/support
South Staffordshire Water notified hundreds of thousands of affected individuals following the breach, including customers and employees whose information was believed to have been compromised.
If you were affected by the South Staffordshire Water data breach, you may be entitled to compensation. Register your interest today to receive updates if the claim does move forward.
A group action claim allows large numbers of affected individuals to bring claims together against the same organisation. These actions are often used in large-scale data breach and privacy cases.
There are no costs to join the claim if it moves forward. However, if your claim is successful, you may have to pay a 'success fee'. This fee is taken from the compensation awarded to you.