London Hydro has confirmed a data breach that exposed a range of customer information to unauthorized access. The Canadian utility company disclosed that compromised data includes customer names, physical addresses, email addresses, phone numbers, account and billing numbers, service addresses, pricing plans, contract start dates, and meter information.
The utility has not released details about the number of affected customers, the method of intrusion, or when the breach was discovered. London Hydro serves the London, Ontario region, providing electricity distribution services to residential and commercial customers throughout the area.
The exposed data types present multiple security concerns for affected customers. Account and billing numbers could potentially be used for account takeover attempts, while the combination of personal contact information and service details creates opportunities for targeted phishing campaigns. Attackers could use the legitimate-looking data to craft convincing scam messages impersonating the utility or related service providers.
Customers face risks including identity theft attempts, phishing emails or phone calls, and potential unauthorized access to their utility accounts. The exposure of service addresses alongside account information could enable attackers to correlate physical locations with account credentials, potentially facilitating more sophisticated fraud schemes.
Affected customers should closely monitor their London Hydro accounts for unauthorized changes or suspicious activity. They should exercise caution with any unsolicited communications claiming to be from the utility, particularly those requesting additional personal information or payment details. Customers should verify the authenticity of any London Hydro communications by contacting the company directly through official channels rather than responding to emails or calls. Setting up account alerts and reviewing billing statements regularly can help detect unauthorized access early.
Source: https://www.scworld.com/brief/london-hydro-customer-data-potentially-compromised-in-security-incident