American Water shuts down systems after cyberattack
American Water, the largest water and wastewater utility company in the US, has shut down some of its systems following a cyberattack.
While the company confirmed that none of its water or wastewater facilities or operations have been negatively affected by the attack, they proactively took their customer portal service (MyWater) offline, and their call center “has limited functionality” while portal is offline.
What happened?
New Jersey-based American Water is a public utility company with several subsidiaries, which provide water and wastewater services to some 14 million users in 14 US states.
In a 8-K filing with the US Securities and Exchange Commission (SEC), the company has confirmed that they’ve discovered unauthorized activity within its computer networks and systems on October 2, 2024, and immediately activated its incident response protocols and third-party cybersecurity experts to help contain and investigate the incident, as well as to mitigate its effects. Law enforcement has also been notified of the incident
On its website, the company said that they took MyWater offline to protect their customers’ data, and reassured that “there will be no late charges or services shut off while MyWater remains unavailable” and that the water is safe to drink.
“Our team is working around the clock to investigate this incident and safely restore our systems. Investigations of this nature take time, and we will provide more information when and as appropriate,” they added.
No further information on shut down systems has been made available.
Hackers going after companies in the water and wastewater sector
The cybersecurity incident at American Water comes after a recent one that forced Arkansas City’s water treatment facility to temporarily switch to manual operations.
The US Cybersecurity and Infrastructure Security Agency has previously issued warnings about cyber actors affiliated with an Iranian military organization and People’s Republic of China successfully exploiting programmable logic controllers and IT networks of organizations in several critical national infrastructure (CNI) sectors, including the water and wastewater systems sector.
“The ramifications of an attack and ensuing outage on CNI can be disastrous and it’s important to place the utmost amount of time, money and efforts on securing them,” Spencer Starkey, Executive VP of EMEA at SonicWall.
“These cyberattacks raise concerns about a country’s own national security, critical national infrastructure as well as the safety of sensitive information. Protecting government networks relies on constant communication and cooperation, working together with the private sector and imposing strict punishments, to deter future attacks.”