Southern Water has warned that five to ten per cent of its customers' data could have been stolen in a cyber attack.

In an email to customers, the utility company said personal data such as names, dates of birth, national insurance numbers, bank account details and reference numbers could have been stolen.

The email, sent on Tuesday, February 13, said that the stolen data may have been stolen for sale on the dark web.

The company provides water services across Hampshire and apologised to customers, stating it had contacted regulators and was working with cybersecurity experts.

Southern Water provides essential water services to 2.5 million customers and wastewater services to more than 4.7 million customers across the south, including the Island.

The firm said it had been monitoring suspicious activity in its IT systems since it was named on a cybercrime website in January 2024.

The company have said: "Based on our forensic investigations so far, which are ongoing, we are planning to notify in the order of five to ten per cent of our customer base to let them know that their personal data has been impacted.

“We are also notifying all of our current employees and some former employees.

"We have engaged leading independent cybersecurity experts to monitor the 'dark web'.

“We take data protection and information security very seriously and, in accordance with our regulatory obligations, we are making contact with anyone whose personal data may be at risk."

It also said that water-based services and water supplies had not been affected by this issue.

The Information Commissioner's Office (ICO) said it had received a report about the incident and was investigating.

In a statement given to the BBC, it said: "Our advice to the public remains that if anyone is concerned about how their data has been handled or they are concerned about a potential breach, they should get in touch with the ICO."