UK water company allowed hackers to lurk undetected for nearly two years, regulator finds

A Cl0p ransomware-related intrusion into South Staffordshire Water began with a malicious email in September 2020 and, after exploiting the critical ZeroLogon vulnerability and using a domain administrator account for lateral movement, resulted in the publication of ~4.1 TB of personal data affecting 633,887 people; the ICO fined the company £963,900 for failures including inadequate privilege controls, incomplete monitoring, unpatched systems, and lack of vulnerability scanning.