Following the theft and disclosure of their data by the Clop/Cl0p ransomware group, nearly one thousand victims recently filed a class action lawsuit against South Staffordshire Plc. South Staffordshire Plc, which owns South Staffordshire Water and Cambridge Water, served 1.6 million Midlands customers when Clop targeted its networks in August 2022.
The cyber attack on its systems became well-known at the time because Clop falsely claimed it had targeted Thames Water, which serves consumers in Greater London and other parts of south-east England.
The inept cyber crooks published a lengthy rant against Thames Water, criticising its alleged cyber malfeasance and urged customers to come together to sue them.
Two and a half years later, Manchester-based Barings Law is seeking legal action over the breach, for which South Staffs has admitted liability.
Bank sort codes, account numbers used for direct debit payments and bank transfers, names, residences, and other sensitive information were among the details that Barings said its claimants saw published on the dark web.
It states that South Staffs did not fulfil its obligation to safeguard its clients' personal information.
Barings was established in 2009 and is becoming known for specialising in similar collective claims involving cyberattacks that resulted in the theft and disclosure of personally identifiable information.
Notable actions against Capita and Carphone Warehouse have advanced in the last 12 months.
The Capita lawsuit pertains to two 2023 incidents that compromised common people's data: the first was a ransomware attack that impacted multiple pension funds, and the second was an inadvertent leak of data housed in an insecure Amazon Web Services S3 storage bucket.
As of mid-January 2024, over 5,000 people had signed up to join.
This Cyber News was published on www.cysecurity.news. Publication date: Sun, 11 Feb 2024 15:13:04 +0000