Eversource Energy data breach caused by unsecured cloud storage

Eversource, the largest energy supplier in New England, has suffered a data breach after customers' personal information was exposed on an unsecured cloud server.

Eversource Energy is the latest energy delivery company in New England, powering 4.3 million electric and natural gas customers throughout Connecticut, Massachusetts, and New Hampshire.

In a data breach notification shared with BleepingComputer, Eversource Energy is warning customers that the unsecured cloud storage server exposed their name, address, phone number, social security number, service address, and account number.

For those affected by the data breach, Eversource is offering a free 1-year identity monitoring service through Cyberscout.

After receiving the data breach notification, an Eversource customer called Cyberscout to learn more about the breach. Ultimately, they were sent an internal frequently asked questions document used by Cyberscout employees to answer inquiries about the breach.

According to the FAQ shared with BleepingComputer, Eversource performed a security review on March 16th and found a "cloud data storage folder" that was misconfigured so that anyone could access its contents. When they discovered the unsecured folder, they immediately secured it and began investigating what data was stored on the folder.

This folder contained unencrypted files created in August 2019 that included the personal information of 11,000 Eversource eastern Massachusetts customers.

At this time, Eversource states that there is no indication that any of this data was acquired or misused by unauthorized people.

While this may be true, BleepingComputer recommends that users sign up for the free identify theft monitoring offered by Eversource to be alerted if their social security number is fraudulently used.

Affected users should also be on the lookout for possible phishing emails pretending to be from Eversource, or other companies, that utilize the exposed data to harvest further information.

Over the past two years, ransomware attacks and network breaches have targeted numerous utility companies, including EDP Renewables North America, Centrais Eletricas Brasileiras (Eletrobras) and Companhia Paranaense de Energia (Copel), and the Enel Group. 

Even more concerning, threat actors recently breached a water treatment system in Oldsmar, Florida, and attempted to increase the concentration of sodium hydroxide (NaOH) cleanser to hazardous levels

These breaches, and even EverSource's less malicious breach, underscore how utilities need to increase their security posture to prevent these types of leaks and attacks in the future.

Thx to webster341 and i486DX for sharing their notifications and the FAQ.