Personal information of consumers was exposed after the hack of staff email accounts at Riviera Utilities, a utility provider servicing Baldwin County in Alabama. The company released a statement on the night of May 2 and disclosed that an unknown perpetrator obtained access to internal data.
The company has already notified specific people about the security incident. In order to identify further details, it is working with external cybersecurity experts. Names, Social Security numbers, passport numbers, driver’s license or state identity numbers, medical information, credit or debit card numbers, health insurance information, card expiration dates, and card CVVs are among the personal information of a “limited number of individuals” exposed.
Riviera Utilities said that the aspects of personal information differed depending on the consumer. According to a forensic analysis conducted on March 28, 2022, the email accounts were accessed on or around October 17, 2021. On April 26, those who were impacted by the incident were contacted.
Riviera Utilities stated in the statement that this access did not cover the systems that store auto-pay, bank draft information, or other personal data. Moreover, this security breach had no impact on any personal information provided or uploaded on Riviera’s website.
“We have no evidence that any personal information was misused as a result of this incident. However, out of an abundance of caution, we notified individuals whose information may have been included in the files present in the impacted employee email accounts.” Those who have been harmed by the incident will receive free credit monitoring services.