South Staffordshire Water Fined £1m After Data Breach

A phishing email on 11 Sep 2020 led to installation of the Get2 downloader and SDBbot RAT at South Staffordshire Water; the attacker maintained access for nearly two years, escalated to domain admin, used RDP to access multiple endpoints, and exfiltrated 4.1 TB of sensitive personal data for 633,887 individuals, after which the ICO fined the company and cited multiple security failings including poor least-privilege enforcement, inadequate monitoring, legacy software, and weak vulnerability management.