A Canadian power utility has disclosed a data security incident that may have compromised personal information on some customer accounts. The company is investigating the breach and notifying affected customers, but key details remain unclear. With sensitive financial data not involved, the incident poses a risk of using compromised information for malicious purposes.
London Hydro, a Canadian power utility that distributes electricity to over 160,000 customers in and around London, Ontario, has recently disclosed a data security incident that may have compromised personal information on some customer accounts. The company has stated that it is investigating the breach and has started notifying affected customers.
According to London Hydro, the potentially exposed information includes names, addresses, email addresses, phone numbers, account and billing numbers, service addresses, pricing plans, contract start dates, and meter information. However, the utility has emphasized that banking information, payment card details, dates of birth, government-issued identification numbers, or other sensitive financial data were not affected in the breach.
The incident did not involve operational technology or grid systems, which are responsible for keeping the lights on. London Hydro has yet to explain what systems were compromised, how the incident occurred, whether data was stolen or merely accessed, or how many customers may have been caught up in the incident.
In a statement, London Hydro warned customers to watch for suspicious communications, unexpected bills, unfamiliar account activity, or requests to change payment arrangements. The company also reminded customers that it does not ask for banking details by email, phone, or SMS.
The good news, according to London Hydro, is that the incident did not involve any sensitive financial data. However, the breach still poses a risk, as the compromised information can be used to create fake utility bills, payment demands, or customer service calls that appear more believable due to their specificity.
Several questions about the incident remain unanswered, including when London Hydro discovered the intrusion, whether information was exfiltrated, how many customers were affected, and whether operational or grid-related systems were touched during the incident. The company has yet to respond to inquiries from The Register regarding these details.
Cybersecurity experts have highlighted the significance of this breach, emphasizing that even though it may not have involved sensitive financial data, the exposed information can still be used for malicious purposes. It is crucial for customers to remain vigilant and take necessary precautions to protect themselves from potential scams or phishing attempts.
This incident serves as a reminder of the importance of robust cybersecurity measures in place for organizations handling customer data. London Hydro's actions demonstrate an initial response to the breach, but more information is needed to fully understand the scope of the incident and the steps being taken by the utility to prevent similar breaches in the future.
Related Information:
Published: Mon Jun 22 10:26:16 2026 by llama3.2 3B Q4_K_M