Image by Swanky Fella, from Unsplash
American Water Faces Cybersecurity Incident
Reading time: 2 min
Posted on Oct 9, 2024
-
![Kiara Fabbri]()
-
![Justyn Newman]()
Fact-Checked by Justyn Newman Lead Cybersecurity Editor
In a Rush? Here are the Quick Facts!
- American Water announced a cybersecurity incident affecting its operations.
- The company serves over 14 million customers across 14 states.
- American Water reassured customers about no late charges during system outages.
American Water, the largest regulated water and wastewater utility in the United States, made headlines following the announcement of a cybersecurity incident. The Camden, NJ-based company revealed the breach on Monday, just days after detecting suspicious activities and promptly notifying law enforcement, as reported by VICE.
The company, which serves over 14 million customers across 14 states and 18 military installations, became aware of unauthorized access last week. In response, it took immediate protective measures, including shutting down specific systems to safeguard its data.
In the regulatory filing, American Water stated that the full extent of the breach remains unclear, acknowledging that they are “currently unable to predict the full impact of this incident,” as noted by VICE.
The decision to disable customer systems was made to protect sensitive data, although the company cautioned that it is too early to determine if any customer information has been compromised, as reported by CNBC.
American Water does not believe that its facilities or operational capabilities were compromised in the attack. The company emphasized that its staff is working around the clock to ascertain the nature and extent of the incident, noted Fortune.
Additionally, they have been in contact with law enforcement and are cooperating fully with ongoing investigations. Customers can rest assured that no late charges will be incurred while the company’s systems remain unavailable, Fortune reports.
Earlier this year, the Environmental Protection Agency (EPA) warned about the increasing frequency of cyberattacks targeting water utilities in the U.S. and called for immediate measures to protect the nation’s drinking water supplies.
According to the EPA, 70% of the inspected water systems did not meet the requirements outlined in the Safe Drinking Water Act.
While the EPA did not provide specific figures, it indicated that many systems exhibit “alarming cybersecurity vulnerabilities,” including unupdated default passwords, vulnerable single-login setups, and access retained by former employees, CNBC reported.
An American Water spokesperson declined to comment beyond the information provided in the official security statement, CNBC reported.
Previous Story
Latest articles 
Leave a Comment
Cancel