You are here

Incident Awareness – Major Water Utility Experiences Cyber Attack (Update - October 15, 2024)

Incident Awareness – Major Water Utility Experiences Cyber Attack (Update - October 15, 2024)

Created: Tuesday, October 15, 2024 - 14:33
Categories:
Cybersecurity, Security Preparedness

October 15, 2024

Last week on Thursday, American Water reconnected its systems after taking them offline during its cybersecurity incident on October 3rd. WaterISAC has reached out to stakeholders for further information, but at the time of this writing has not received any additional details outside of the public statements on American Water's website. Further analysis of what is publicly known can be found at Dark Reading.

October 10, 2024

On Thursday, October 3, 2024, major water utility American Water reported to the U.S. Security and Exchange Commission (SEC) that it had experienced a cyber incident after learning of unauthorized activity within its computer networks. This prompted them to shut down some of their systems, similar to the recent incident targeting Arkansas City, however there has been no report of American Water reverting to manual operations as was the case in Arkansas City.

Upon learning of the incident, American Water promptly activated its incident response plan and coordinated with cybersecurity experts as well as law enforcement, whose investigation is ongoing. The company’s statement to the SEC, as well as its public online statement, said, “we currently believe that none of our water or wastewater facilities or operations have been negatively impacted by this incident.”

American Water is the largest publicly owned water and wastewater utility company in the U.S. It provides drinking water, wastewater and other related services to approximately 1,700 communities, an estimated 14 million people in 14 states, as well as 18 military installations. For their full public statement, visit American Water.  

As there have been many requests for information, WaterISAC will continue to monitor this situation and provide updates to members as more information becomes available.

Incident Reporting

WaterISAC encourages all utilities that have experienced malicious or suspicious activity to email [email protected], call 866-H2O-ISAC, or use the confidential online incident reporting form. Confidentially reporting to WaterISAC helps utilities and stakeholders maintain awareness of the threat environment of the sector. Additionally, to report incidents or suspicious activity to the FBI, contact your local field office at www.fbi.gov/contact-us/field-offices or the 24/7 Cyber Watch (CyWatch) at (855) 292-3937 or [email protected]. You can also report activity to CISA, via its online tools, at (888)282-0870, or [email protected].

Additional Resources