Find notable cyber news and cases, enriched with sources, timelines, and signals.

South Staffordshire Water Plc customer data exposed after South Staffordshire Water Plc breach

Data Leak
First reported
Last updated
Happening score
H score 57
1 unique sources, 1 articles

Summary

Hide ▲

South Staffordshire Water Plc's data leak exposed the personal information of 663,887 customers and employees, increasing the risk of fraud and account abuse. The exposure followed a phishing-enabled intrusion that installed malware and remained hidden for nearly 20 months. The leaked material was later verified as authentic and had been published on the dark web.

Related Happenings

Nottingham University data publication on ShinyHunters leak site

Data Leak
H score68 First: 10.06.2026 21:31 Last: 10.06.2026 21:31 Sources 1

About this happening: **Nottingham University** data was published on the **ShinyHunters** leak site after the group claimed access to the university’s **student records system**. The exposed material...

ICO fine against South Staffordshire Water for data breach

Regulatory/Legal Action
H score69 First: 12.05.2026 11:30 Last: 12.05.2026 11:30 Sources 1

How related: The Information Commissioner's Office has fined South Staffordshire Water Plc and parent company South Staffordshire Plc £963,900 ($1.3 million) over a cyberattack that exposed the personal data of 663,887 customers and employees.

About this happening: The **ICO** finalized a **nearly £1m** penalty against **South Staffordshire Water** and **South Staffordshire PLC**, resolving a cyber enforcement action tied to a breach that ex...

South Staffordshire Water hit by network compromise

Incident
H score63 First: 12.05.2026 11:30 Last: 12.05.2026 11:30 Sources 1

About this happening: **South Staffordshire Water** suffered a **phishing-led network intrusion** that ultimately exposed personal information tied to **over 633,000 people**. The compromise mattered b...

Barts Health NHS Trust invoice leak on Cl0p leak portal

Data Leak
H score38 First: 05.12.2025 20:55 Last: 05.12.2025 20:55 Sources 1

About this happening: The **Barts Health NHS Trust** data leak became public when **Cl0p** posted stolen **invoice files** on its **dark-web leak portal**, exposing **full names and addresses** linked...

Latest development: 08.12.2025 11:30

Barts Health NHS Trust is seeking a High Court order to stop the sharing, publication or use of invoice files stolen from its Oracle E-business Suite (EBS) database; the trust says Cl0p posted the files on the dark web, and it is working with NHS England, the National Cyber Security Centre, the Metropolitan Police and regulators including the Information Commissioner’s Office while its clinical systems remain unaffected.

Timeline

  1. 12.05.2026 23:17 2 articles · 1mo ago

    ICO fines South Staffordshire entities over data exposure

    Legal Policy Action Update

    The Information Commissioner's Office fined South Staffordshire Plc and South Staffordshire Water Plc £963,900 ($1.3 million) after confirming that a phishing-led intrusion installed malware, remained undetected for 20 months, and led to personal data for 663,887 customers and employees being extracted and published on the dark web. The regulator said the compromise began in September 2020, the attacker gained domain administrator access between May and July 2022, and the breach was discovered in July 2022 after IT performance problems triggered an investigation.

    Show sources