Clop ransomware target wrong U.K. water supplier

Despite claims that 5T of data was breached and stolen from Thames Water, the UK’s largest water supplier, published data showed that the Clop ransomware had data from another water supplier.

The decision of the hackers to publish the data follows failed negotiations between the two parties involved. After Clop had revealed the stolen credentials, Thames Water interfered with the claims and noted that reports of Clop Ransomware, which violated its network, are nothing more than “cyber hoax” and that its operations are at full capacity.

A careful examination of the leaked showed spreadsheet and usernames and passwords that features South Staffordshire Water and South Staffordshire email addresses. Experts also revealed that one of the leaked documents sent to the attacked company was explicitly addressed to South Staffordshire PLC.

Therefore, it is very likely that Clop has misidentified their victim or that they are trying to extort a much larger company with false documents.

The ransomware gang, who realized their mistake, are now listing South Staffordshire Water as a victim on the extortion site.

South Staffordshire Water, which supplies 1.6 million consumers with 330 million litres of drinking water, has already confirmed a cyberattack that caused IT disruption.

The sources for this piece include an article in BleepingComputer.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web