Businesses' bank accounts and sort codes stolen in data breach

It has been revealed that an entire database had been stolen by hackers and included information on previous customers. Data stolen included names, addresses, dates of birth, phone numbers, tariff and energy meter IDs.


The company People's Energy has contacted all its 270,000 current customers, following a data breach.

The breach was discovered on Wednesday morning and People's Energy has since contacted the Information Commissioner's Office, the National Centre for Cyber-Security, the energy regulator Ofgem and the police.


But with the exception of 15 small-business customers, no financial information had been accessed. Those businesses' bank accounts and sort codes had been accessed, and they had been contacted by People's Energy.


These businesses' are unlikely to face any financial impact, but having their data stolen may leave them more vulnerable to phishing attacks.

Every day in the UK there are over 156 million phishing emails that are sent, 16 million of these pass the filters that are meant to stop them, leading to 8 million phishing emails still being opened.


Phishing attacks are becoming increasingly difficult to spot, so it is extremely important that as a business, you and your employees are all working as safely as possible. Here is a short video highlighting the most common things to look out for to avoid becoming a victim of a phishing attack.


The West Midlands Cyber Resilience Centre provides free core membership as well as a number of bespoke paid membership packages which can be further enhanced through a series of additional ‘bolt-on’ services such as a half-day staff awareness session at your site (up to 30 people).


Our security awareness training covers a whole host of cybersecurity subjects, from passwords and phishing to spoofed websites and multi-factor authentication. However, our Ethical Hacking Students do not deliver this in a mundane lecture full of technical jargon. We speak normal language, are fun and translate cyber security advice into easy to understand snippets to increase awareness across your organisation.


With the correct training, your employees can improve their cyber awareness which will develop your first line of defence to your company. When attackers defeat your technical measures successfully delivering a phishing email containing a bad link or a piece of malware, staff are usually on their own to identify malicious activity stopping the attack, so ensuring that they are confident is key to preventing a cyber incident.


Each session is tailored to the audience, so if you are part of a Board for a National company or a small team of hairdressers looking for some initial advice then we will be able to help - one size does not fit all. Our fully tailored session will address the issues you are facing in your sector.


Look at the full range of options and memberships here www.wmcrc.co.uk/membership

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the West Midlands is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the West Midlands provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

 

The Cyber Resilience Centre for the West Midlands does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the West Midlands is not responsible for the content of external internet sites that link to this site or which are linked from it.