On October 7th, American Water Works, the largest water utility company in the United States, revealed that it has been targeted by a cyberattack. In response to this incident, the company has temporarily suspended its customer service portal and halted billing processes. They are working closely with investigators to uncover the details surrounding the attack. Preliminary findings indicate that water supply facilities and operations remain unaffected, and drinking water continues to be safe.
According to reports from the Associated Press and CBS News, American Water Works is based in Camden, New Jersey, and provides services to over 14 million people in 14 states, including 18 military installations.
The company reported to regulatory agencies that unauthorized access was detected on October 3. Once it was confirmed as a cybersecurity issue, they took immediate action, including shutting down various systems. While the attack has not disrupted water supply or operations, the company is still assessing the full impact of the incident.
Employees at American Water are diligently investigating the situation to determine both the nature and scope of the attack. The company has notified law enforcement and is fully cooperating with the ongoing investigation, assuring customers that they will not be charged late fees during this period of service downtime.
A spokesperson for American Water stated, “To safeguard customer data and mitigate any further environmental risks, we have disconnected or powered down certain systems. During this time, customers will not incur any late fees.”
American Water’s website shows that the company operates over 500 water and wastewater systems across about 1,700 communities in states including California, Georgia, Hawaii, Illinois, Indiana, Iowa, Kentucky, Maryland, Missouri, New Jersey, Pennsylvania, Tennessee, Virginia, and West Virginia.
The Wall Street Journal has reported concerns from U.S. officials regarding the potential involvement of Chinese intelligence agents in hacking attempts aimed at critical infrastructure networks, including water treatment facilities. They suggest that recent cyberattacks on American broadband providers may have connections to the Chinese government.
An EPA spokesperson highlighted the growing threat, stating, “Disrupting critical national infrastructure has become a key objective for foreign cybercriminals. All drinking water and wastewater systems, regardless of their size or location, are at risk.”
