British Gas reached out to over 2,000 of its clients to inform them that their passwords and email addresses were leaked and posted online.
This is the latest in a line of data breaches affecting major UK firms in the space of seven days, and comes after those of TalkTalk and Marks & Spencer.
In the email, British Gas claimed that the leak did not occur from a cyber hack and that no payment data had been leaked. The firm said in its email:
“As you’d expect, we encrypt and store this information securely. From our investigations, we are confident that the information which appeared online did not come from British Gas.”
British Gas has disabled any affected accounts after the breach was discovered. However, customers will likely need more to have their concerns alleviated.
Enterprise software company Accellion’s Keith Poyser said:
“The extent of the damage in the British Gas data leak shows that each and every organisation needs to take cyber security and data leak prevention more seriously.”
It may seem that the major companies are targeted more than small firms but the reality is that we hear more about the likes of British Gas and TalkTalk because they affect more consumers and are bigger stories. However, small firms are also being targeted and these businesses need to be doing everything that they can to prevent such a breach. Posting penetration testing jobs would be a great way to start so that the necessary in-house skills are in place.