Black Basta Ransomware Targets Major UK Water Company, Demands Bitcoin Ransom To Prevent Data Leak

2024/01/25 14:29

Ransomware group Black Basta claims to have successfully breached the security of British water company, Southern Water, and is currently holding it for ransom.

The group first posted this on its Tor leak site on 22 January 2024.

Black Basta posts UK water utility Southern Water.

/southernwater.co[.]uk@GossiTheDog @UK_Daniel_Card @SOSIntel @joetidy pic.twitter.com/erEvd0DtBT
— Dominic Alvieri (@AlvieriD) January 22, 2024

The group, known for its activities since April 2022, alleges to have ransomed over $100 million in Bitcoin.

The cybercriminals have released a snippet of the stolen data, consisting of sensitive information such as passports, driver's licenses, employee details, and corporate documents.

Southern Water has confirmed the breach, acknowledging the compromise of a limited amount of data.

Stolen Data

Reports reveal that Black Basta gained unauthorised access to Southern Water's IT systems, making off with 750 gigabytes of sensitive data.

The stolen information encompasses identity documents, human resources-related documents with personal details of potential customers, and corporate car-leasing documents exposing personal information.

Southern Water, responsible for water and wastewater services to millions in southern England, claims it is actively investigating the breach.

While the company has confirmed the theft of a limited amount of data, it denies evidence of compromises in customer relationships or financial systems.

We're aware of a claim by cyber criminals that data has been stolen from some of our IT systems. We currently have no evidence customer relationships or financial systems have been affected. Our services are operating normally and we've notified regulators https://t.co/jdRVbq4Iup
— Southern Water (@SouthernWater) January 23, 2024

However, leaked details suggest potential impacts on Southern Water employees and customers.

Despite the confirmation of the breach, the company assures its commitment to notifying individuals whose data may have been compromised.

Southern Water has also informed relevant authorities, including the UK government, regulators, and the Information Commissioner's Office (ICO).

Black Basta

Black Basta, the Russian ransomware gang behind the attack, has gained notoriety for accumulating over $107 million in Bitcoin ransom payments.

Since its inception, the group has targeted 329 victims, including well-known companies like ABB, Capita, Dish Network, and the M&S pension scheme.

The ransomware group's encryption algorithm, based on ChaCha keystream, reportedly faced a vulnerability in April 2023, allowing some file recovery based on their size.

However, recent reports indicate that the developers have patched this weakness, rendering the decryptor ineffective for newer attacks.

More news about ukbased southern 470k basta

Feb 15, 2024 9:30 pm
Up to 10% of Southern Water customer data stolen by bitcoin ransom group
Southern Water, which supplies water to seven million customers, was reportedly hacked by ransomware group Black Basta in January. source: https://protos.com/up-to-10-of-southern-water-customer-data-stolen-by-bitcoin-ransom-group/
Feb 09, 2024 7:00 pm
From Missouri to Texas: Southern US Becomes Bitcoin Mining Hotspot
The latest legislative proposal from State Rep. Phil Christofanelli aims to establish Missouri as a welcoming hub for Bitcoin mining. This initiative aims to bolster the local economy while positioning Missouri alongside other progressive states in embracing digital assets. Bitcoin Mining Bill Aims to Open the Door Christofanelli’s bill, steeped in forward-thinking, proposes a... source: https://beincrypto.com/missouri-texas-southern-us-bitcoin-mining-hotspot/
Aug 18, 2023 6:37 am
Evergrande Group and its subsidiaries file for bankruptcy in the Southern District of New York
Odaily Planet Daily News Evergrande Group filed for bankruptcy protection under Chapter 15 of the U.S. Bankruptcy Law in the Southern District Court of New York State, and applied for reorganization procedures in Hong Kong and the Cayman Islands. Chapter 15 of the U.S. Bankruptcy Code allows corporate legal persons outside the United States to file for bankruptcy in the U.S. court system through their appointed representatives. The move is aimed at protecting its U.S. assets from creditors while pursuing restructuring deals elsewhere. Evergrande subsidiaries Tianji Holding Ltd. and Scenery Journey Limited also filed for bankruptcy protection at the same time. (Bloomberg)
Aug 05, 2023 9:17 pm
U.S. District Court for the Southern District of New York dismisses two citizens' lawsuit against Tether
Odaily Planet Daily News Judge Laura Taylor of the Federal District Court for the Southern District of New York dismissed two citizens' lawsuits against Tether. The lawsuit accused Tether of claiming that USDT has a one-to-one backing asset as a false statement. The judge dismissed it with "plausible injury allegations" the lawsuit. (The Block)
Apr 11, 2023 6:11 pm
Seoul Southern District Prosecutor's Office Freezes Do Kwon's 7.1 Billion Won Assets
According to Forkast, South Korea's Seoul Southern District Prosecutor's Office has frozen Do Kwon's 7.1 billion won (about 5.36 million U.S. dollars) in assets, including deposits in overseas accounts. With court approval, South Korea is expected to prevent Do Kwon from transferring or selling assets, the report said. Assets will be forfeited following a final guilty verdict from the court.
Feb 18, 2023 2:28 pm
Southern Metropolis Daily: Tencent’s XR business is not suspended across the board, and will still consider the development direction of software technology and content ecology in the XR field
According to the Southern Metropolis Daily, people close to Tencent responded to the news that "Tencent will partially disband the XR (mixed reality) team", saying that the game XR business line will change the hardware development path and adjust the relevant business teams, but this adjustment does not mean that Tencent gave up exploring the XR field, and Tencent Games will still consider other development directions, such as software technology and content ecology. People close to Tencent told Nandu reporters that there are inaccuracies in the rumored information: the XR business is not suspended across the board, but to adjust some projects. The insider said, “After the Black Shark acquisition was blocked, Tencent’s original path of directly acquiring the self-built XR hardware ecosystem will change, so some projects in the XR business line have been adjusted.” Tencent previously announced in June 2022 The XR department was established on March 20, with the intention of developing the metaverse concept of the virtual world.
Jan 07, 2023 9:44 am
Southern District of New York Attorney's Office Invites FTX Fraud Victims to Cooperate with Authorities
The U.S. Attorney's Office for the Southern District of New York has provided information on the rights of victims in SBF's fraud case through a website and invited them to cooperate with authorities, where potential victims can coordinate with victims/witnesses from the U.S. Attorney's Office at an email address Contacting the police to assist in verifying whether it is a victim in this case.
Dec 03, 2022 10:08 am
Seoul Southern District Court Rejects Prosecutors' Arrest Warrant for Terraform Labs Key Figures
According to Yonhap News Agency, the Seoul Southern District Court rejected prosecutors' arrest warrants for several key figures in Terraform Labs. After interrogating the suspect, the judge said that judging from the attitude of the investigation, the facts of the case, the process and the content of the confession, it is difficult to see the risk of destroying evidence or escaping, so the arrest warrant was rejected.
Nov 16, 2022 3:32 pm
FTX's Bahamas Entity Files for Bankruptcy in Southern District of New York
According to Bloomberg, FTX’s Bahamian entity, FTX Digital Markets Ltd., has filed for Chapter 15 bankruptcy protection in the Southern District of New York Court, which is designed to facilitate companies involving assets and entities that span multiple countries. bankruptcy. The filing states that the debtor's assets and affairs will be subject to the control or supervision of a foreign court for the purposes of reorganization or liquidation.
Nov 07, 2022 11:14 pm
Criminal who stole 50,000 bitcoins from darknet 'Silk Road' pleads guilty in Southern District of New York
According to an announcement on the U.S. Department of Justice’s official website, James Zhong, a criminal who stole 50,000 bitcoins from the dark web “Silk Road” between 2012 and 2017, pleaded guilty to wire fraud in the U.S. District Court for the Southern District of New York. On November 9, 2021, law enforcement seized 50,676.17851897 bitcoins, worth over $3.36 billion at the time, during a search of James Zhong’s house in Georgia, making it the second-largest financial case ever seized by the U.S. Department of Justice . From September 2021 to August 2017, James Zhong used technical means to attack the withdrawal system of "Silk Road", withdrawing about 50,000 bitcoins to an account controlled by him. Later, James Zhong obtained 50,000 BCH due to the Bitcoin fork, and after selling all of them, he held a total of 53,500 Bitcoins. Law enforcement agencies seized a total of more than 50,676 bitcoins, $661,900 in cash and a large number of precious metal products from his residence. James Zhong voluntarily surrendered more than 1,000 bitcoins. In addition to the aforementioned assets, the court ultimately forfeited its 80% stake in RE&D Investments, LLC, which owns a substantial amount of real estate. Sentencing in the case is scheduled for February 22, 2023, and the Justice Department says it carries a maximum penalty of 20 years in prison.