Security
Headlines
HeadlinesLatestCVEs

Headline

Data breach at US energy supplier Riviera Utilities exposes customer information

Unknown actor accessed employee emails

PortSwigger
#web

Jessica Haworth 03 May 2022 at 12:45 UTC

Unknown actor accessed employee emails

A data breach at Riviera Utilities, a utility company serving Baldwin County in Alabama, has exposed the personal details of customers after employee email accounts were accessed.

In a statement released last night (May 2), the company confirmed that an unknown actor had gained access to internal data.

Exposed details include the personal information of a “limited number of individuals”, such as names, Social Security numbers, driver’s license or state identification numbers, passport numbers, medical information, health insurance information, credit or debit card numbers, card expiration dates, and card CVVs.

The elements of personal information varied for different customers, Riviera Utilities added.

Read more of the latest data breach news

A forensic investigation carried out on March 28, 2022, determined that the email accounts were accessed on or about October 17, 2021. Those affected in the breach were notified on April 26.

Riviera Utilities said in a statement: “This access did not include the systems storing auto-pay, bank draft data, or other personal information. Additionally, any personal information entered and submitted through Riviera’s website was unaffected by this security incident.

“We have no evidence that any personal information was misused as a result of this incident. However, out of an abundance of caution, we notified individuals whose information may have been included in the files present in the impacted employee email accounts.”

Those affected by the breach are being offered free credit monitoring services.

YOU MAY ALSO LIKE Data breach at US healthcare provider ARcare impacts 345,000 individuals

PortSwigger: Latest News

We’re going teetotal: It’s goodbye to The Daily Swig