On October 7th, American Water Works, the largest water utility in the United States, confirmed it had fallen victim to a cyber attack. In light of this incident, the company has temporarily disabled its customer service portal and put a hold on billing operations for its customers. As they work closely with investigators to uncover the attack’s origins, American Water reassured the public that there has been no compromise to water supply systems or operations, maintaining that tap water remains safe for consumption.
According to reports from the Associated Press and CBS, Camden, New Jersey-based American Water Works serves over 14 million customers across 14 states, including 18 military facilities, making it the nation’s foremost provider of water and wastewater services.
The company detected unauthorized access to its systems on October 3rd and quickly identified it as a cybersecurity breach. In response, they took immediate protective measures, including shutting down certain systems. While they affirm that the incident has not disrupted water supply or operations, the full impact is still being assessed.
In the meantime, employees are actively involved in investigating the scope and nature of the breach. The company has also notified law enforcement and is collaborating with them on the investigation. Customers will not face late fees during this period of system inaccessibility.
A spokesperson for American Water stated, “To safeguard customer information and prevent any further environmental impact, we have disconnected or deactivated certain systems. During this downtime, we will not charge customers late fees.”
The company’s website notes that it oversees over 500 water and wastewater systems in about 1,700 communities across states such as California, Georgia, Hawaii, Illinois, Indiana, Iowa, Kentucky, Maryland, Missouri, New Jersey, Pennsylvania, Tennessee, Virginia, and West Virginia.
Additionally, The Wall Street Journal highlighted growing concerns among U.S. officials regarding reported intrusions by Chinese intelligence agents into critical American infrastructure, including water treatment facilities. They suspect recent cyber attacks targeting U.S. broadband providers could have connections to the Chinese government.
An EPA spokesperson commented on this troubling trend, indicating that foreign cybercriminals have increasingly prioritized the disruption of essential national infrastructure: “All drinking water and wastewater systems, regardless of size or location, are at risk.”
