American Water suffers network disruptions after cyberattack
The website of the largest publicly traded water utility in the US remained offline this morning after a cyberattack Oct. 3 forced the company to shut down some of its connected systems and services.
American Water is a significant supplier of water in the US, serving more than 14 million customers across 14 states and 18 military installations. The company employees about 6,500 people across its facilities. It discovered “unauthorized activity within its computer networks and systems” on Oct. 3 that turned out to be the result of a cybersecurity incident, the company reported in a Form 8-K filing with the US Securities and Exchange Commission.
The company activated incident-response protocols and enlisted third-party cybersecurity experts to help it contain and mitigate the attack, which included disconnecting and deactivating “certain” systems to “protect” systems and data, it reported.
Online, Telecom Systems Affected
The outages appear to have included the company’s online customer-facing sites, as the American Water website as well as its “MyWater” customer portal served up white pages with “Forbidden 403” text today.
An attendant who answered a Dark Reading phone call to American Water’s headquarters in Camden, N.J., early on Oct. 8 said she was unable to connect to a member of the media relations team, nor leave a message for anyone because the telecommunications system also “is down.”
At this time, it seems that none of the company’s water or wastewater facilities or operations have been negatively affected by the incident, although it’s too soon to predict the full impact and material effect it will have on the company, according to the filing. An investigation alongside law enforcement officials remains ongoing as to the exact cause and extent of the damage.
To read the complete article, visit Dark Reading.