Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

South Staffordshire Water hit by network compromise

Incident
First reported
Last updated
Happening score
H score 10
1 unique sources, 1 articles

Summary

Hide ▲

South Staffordshire Water suffered a phishing-led network intrusion that ultimately exposed personal information tied to over 633,000 people. The compromise mattered because the attacker established Get2 downloader and SDBbot RAT access, later moved laterally across the network, and was linked to a large-scale data breach. The incident was discovered after performance issues raised suspicion, showing the intrusion persisted for nearly two years.

Related Happenings

South Staffordshire Water Plc customer data exposed after South Staffordshire Water Plc breach

Data Leak
First: 12.05.2026 23:17 Last: 12.05.2026 23:17 Sources 1

About this happening: South Staffordshire Water Plc's **data leak** exposed the personal information of **663,887** customers and employees, increasing the risk of fraud and account abuse. The exposure...

Open Happening

ICO fine against South Staffordshire Water for data breach

Regulatory/Legal Action
First: 12.05.2026 11:30 Last: 12.05.2026 11:30 Sources 1

How related: South Staffordshire Water and parent company South Staffordshire PLC agreed to pay the Information Commissioner’s Office (ICO) a fine 40% lower than the original £1.6m ($2.2m) sum in return for not contesting the fine.

About this happening: The **ICO** finalized a **nearly £1m** penalty against **South Staffordshire Water** and **South Staffordshire PLC**, resolving a cyber enforcement action tied to a breach that ex...

Open Happening

Timeline

  1. 12.05.2026 11:30 1 articles · 15d ago

    South Staffordshire Water phishing compromise begins

    Exploitation Observed

    A successful phishing email on September 11, 2020 led to the installation of the Get2 downloader and the SDBbot remote access Trojan on South Staffordshire Water systems.

    Show sources
    Open in new tab
  2. 12.05.2026 11:30 1 articles · 15d ago

    South Staffordshire Water sees lateral movement

    Campaign Scope Update

    South Staffordshire Water’s network later saw lateral movement using a domain administrator account and remote desktop protocol to reach 20 endpoints, with the activity beginning on May 17, 2022 and continuing through August 4, 2022.

    Show sources
    Open in new tab
  3. 12.05.2026 11:30 1 articles · 15d ago

    South Staffordshire Water investigates performance issues

    Detection Ioc Update

    IT performance issues caused by unscheduled database exports prompted an investigation on July 15, 2022, revealing an intrusion that had remained undetected for nearly two years.

    Show sources
    Open in new tab
  4. 12.05.2026 11:30 1 articles · 15d ago

    South Staffordshire Water discovers ransom note attempt

    Victim Impact Update

    South Staffordshire Water discovered on July 26, 2022 that the threat actor had unsuccessfully tried to send a ransom note to some members of staff.

    Show sources
    Open in new tab
  5. 12.05.2026 11:30 1 articles · 15d ago

    ICO fine concludes South Staffordshire Water case

    Legal Policy Action Update

    South Staffordshire Water and South Staffordshire PLC agreed to pay the Information Commissioner’s Office a fine nearly £1m, 40% lower than the original £1.6m sum, after not contesting the penalty for the compromise affecting 633,887 current and former customers and employees.

    Show sources
    Open in new tab
  6. 24.07.2022 03:00 2 articles · 46mo ago

    South Staffordshire Water notifies ICO of a personal data breach

    Initial Disclosure

    South Staffordshire Water notified the Information Commissioner’s Office of a personal data breach nine days after the July 15 investigation, formally disclosing the compromise after detection.

    Show sources
    Open in new tab