American Water, the largest regulated water and wastewater utility company in the U.S., announced Tuesday that it was the target of a “cybersecurity incident.”
The New Jersey-based utility company became aware of “unauthorized activity” in their computer networks and systems on Thursday that was determined to be the result of a cyberattack, it said in a statement.
“Upon learning of the issue, our team immediately activated our incident response protocols and third-party cybersecurity professionals to assist with containment, mitigation and an investigation into the nature and scope of the incident,” the company said. “We also notified law enforcement and are coordinating fully with them.”
American Water also took their customer portal service offline as part of their response, putting a pause on billing “until further notice,” they said.
“At this time, we currently believe that none of our water or wastewater facilities or operations have been negatively impacted by this incident,” the company said, adding that their team is working to safely restore the systems.
Founded in 1886, American Water provides drinking water and wastewater services to more than 14 million people across 14 states and 18 military facilities, according to their website. The company manages more than 500 water and wastewater systems in approximately 1,700 communities, including in California, Illinois, Kentucky, New Jersey and Pennsylvania.
The investigation into the cyberattack is ongoing “and will take time to complete,” American Water said.
