People's Energy data breach affects all 270,000 customers

The company says financial data was kept in a separate system and remains secure

Low-cost energy supplier People’s Energy has suffered a data breach affecting every one of its 270,000 customers in the UK.

The breach was discovered on 16 December when an unauthorised third party gained access to one of the systems used to store some of the members’ data. The company said that as soon as it became aware of the breach, it shut down access to affected systems.

The company has since informed the Information Commissioner’s Office (ICO) and the energy industry regulator, Ofgem.

According to the company, cyber criminals managed to access the names, addresses, phone numbers, email addresses, dates of birth, People’s Energy account numbers, tariff details, and gas and electricity meter identification numbers of all customers.

Related Resource

Data: A resource much too valuable to leave unprotected

Protect your data to protect your company

Why you need to protect your data resources - whitepaperDownload now

"Details for all our members were accessed," an email sent to customers read. "This includes both current members and former members who’ve used us as their energy supplier in the past. We’re doing everything we can to contact everyone affected to explain what’s happened. We’ve informed the Information Commissioner’s Office and the energy industry regulator, Ofgem. We’re following their guidance, and are keeping them updated on the situation."

"We take keeping your data safe extremely seriously. Right now, we’re working with a dedicated external security team to add additional protection to our systems. Your financial data is kept in a separate system with enhanced security."

Chris Clements, VP of Solutions Architecture at Cerberus Sentinel, told IT Pro that there must be a fundamental change in mindset regarding information security for all organisations.

“Risks from cyber-attack need to be taken with the same seriousness as risks from fire or flooding. The reality is that most security compromises are simple attacks of opportunity and every organization is a viable target for cybercriminals,” he said.

“The same way organisations invest in fire suppression and alarm systems they also must consider cybersecurity protection and monitoring as part of the cost of doing business.  It’s critical that this starts with adopting a culture of security from executive management to individual line of business contributors."

Paul Bischoff, privacy advocate at Comparitech.com, told IT Pro that People's Energy customers should be on the lookout for targeted phishing messages from fraudsters posing as People's Energy or a related company.

“They will use the personal information stored in the database to customise messages and make them more convincing. Never click on links or attachments in unsolicited emails, and always verify the sender's identity before responding,” he said.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Security best practices for PostgreSQL

Securing data with PostgreSQL

Download now

Transform your MSP business into a money-making machine

Benefits and challenges of a recurring revenue model

Download now

The care and feeding of cloud

How to support cloud infrastructure post-migration

Watch now

Recommended

Hackers leak data from dark web marketplace
cyber security

Hackers leak data from dark web marketplace

9 Apr 2021
Hackers are using fake messages to break into WhatsApp accounts
instant messaging (IM)

Hackers are using fake messages to break into WhatsApp accounts

8 Apr 2021
Hackers sell $38 million in gift cards on Russian marketplace
hacking

Hackers sell $38 million in gift cards on Russian marketplace

7 Apr 2021
Personal data of 533 million Facebook users found on hacking forum
data protection

Personal data of 533 million Facebook users found on hacking forum

5 Apr 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
Data belonging to 500 million LinkedIn users found for sale on hacker marketplace
hacking

Data belonging to 500 million LinkedIn users found for sale on hacker marketplace

8 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021