Two major water companies, Veolia North America in the United States and Southern Water in the United Kingdom, have been targeted in ransomware attacks that resulted in data breaches. In the Veolia attack, the Municipal Water division was hit, leading the company to take down targeted backend systems and servers, disrupting online bill payment systems. While Veolia stated that there is no evidence the incident affected water or wastewater treatment operations, it admitted that the personal information of a limited number of individuals might have been compromised. In the Southern Water incident, the Black Basta ransomware group claimed to have stolen 750 GB of files, including personal information and corporate documents, and threatened to make the data public if a ransom is not paid within five days. Southern Water is currently investigating the claims but has found no evidence that customer relationship or financial systems were impacted.