Eversource Data Breach: What & How It Happened?
Twingate Team
•
Jun 20, 2024
In August 2023, Eversource, an energy company, experienced a data breach that was part of a larger cyber attack affecting many companies globally. This incident impacted customers in several states, leading to unauthorized access to personal information. The breach occurred through one of Eversource's vendors, highlighting vulnerabilities in third-party services.
How many accounts were compromised?
The breach impacted data related to over 1.8 million individuals.
What data was leaked?
The data exposed in the breach included names, addresses, contact information, Eversource account and usage information, and for a smaller number of customers, their Social Security numbers.
How was Eversource hacked?
The ID breach occurred through a cyber attack involving MOVEit, targeting Eversource's vendor, CLEAResult, which administers various energy programs. The breach exposed personal information of customers enrolled in solar incentive and electric vehicle-grid modernization programs. The exact methods used by the hackers remain unclear.
Eversource's solution
In response to the hack, Eversource took several measures to secure its platform and prevent future incidents. This included reviewing the security controls of all contractors and implementing appropriate protective security measures for Eversource systems to protect customers. Eversource is also notifying affected customers and providing them with identity protection and credit monitoring through CLEAResult. The company is taking the security of their customers' information seriously and urging customers to remain vigilant against potential scams.
How do I know if I was affected?
Eversource has notified customers believed to be affected by the breach. If you're an Eversource customer and haven't received a notification, you may visit HaveIBeenPwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for any accounts that may have been affected. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on any affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report it immediately to the respective platform.
Where can I go to learn more?
For more information on the Eversource data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
Eversource Data Breach: What & How It Happened?
Twingate Team
•
Jun 20, 2024
In August 2023, Eversource, an energy company, experienced a data breach that was part of a larger cyber attack affecting many companies globally. This incident impacted customers in several states, leading to unauthorized access to personal information. The breach occurred through one of Eversource's vendors, highlighting vulnerabilities in third-party services.
How many accounts were compromised?
The breach impacted data related to over 1.8 million individuals.
What data was leaked?
The data exposed in the breach included names, addresses, contact information, Eversource account and usage information, and for a smaller number of customers, their Social Security numbers.
How was Eversource hacked?
The ID breach occurred through a cyber attack involving MOVEit, targeting Eversource's vendor, CLEAResult, which administers various energy programs. The breach exposed personal information of customers enrolled in solar incentive and electric vehicle-grid modernization programs. The exact methods used by the hackers remain unclear.
Eversource's solution
In response to the hack, Eversource took several measures to secure its platform and prevent future incidents. This included reviewing the security controls of all contractors and implementing appropriate protective security measures for Eversource systems to protect customers. Eversource is also notifying affected customers and providing them with identity protection and credit monitoring through CLEAResult. The company is taking the security of their customers' information seriously and urging customers to remain vigilant against potential scams.
How do I know if I was affected?
Eversource has notified customers believed to be affected by the breach. If you're an Eversource customer and haven't received a notification, you may visit HaveIBeenPwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for any accounts that may have been affected. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on any affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report it immediately to the respective platform.
Where can I go to learn more?
For more information on the Eversource data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
Eversource Data Breach: What & How It Happened?
Twingate Team
•
Jun 20, 2024
In August 2023, Eversource, an energy company, experienced a data breach that was part of a larger cyber attack affecting many companies globally. This incident impacted customers in several states, leading to unauthorized access to personal information. The breach occurred through one of Eversource's vendors, highlighting vulnerabilities in third-party services.
How many accounts were compromised?
The breach impacted data related to over 1.8 million individuals.
What data was leaked?
The data exposed in the breach included names, addresses, contact information, Eversource account and usage information, and for a smaller number of customers, their Social Security numbers.
How was Eversource hacked?
The ID breach occurred through a cyber attack involving MOVEit, targeting Eversource's vendor, CLEAResult, which administers various energy programs. The breach exposed personal information of customers enrolled in solar incentive and electric vehicle-grid modernization programs. The exact methods used by the hackers remain unclear.
Eversource's solution
In response to the hack, Eversource took several measures to secure its platform and prevent future incidents. This included reviewing the security controls of all contractors and implementing appropriate protective security measures for Eversource systems to protect customers. Eversource is also notifying affected customers and providing them with identity protection and credit monitoring through CLEAResult. The company is taking the security of their customers' information seriously and urging customers to remain vigilant against potential scams.
How do I know if I was affected?
Eversource has notified customers believed to be affected by the breach. If you're an Eversource customer and haven't received a notification, you may visit HaveIBeenPwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for any accounts that may have been affected. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on any affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report it immediately to the respective platform.
Where can I go to learn more?
For more information on the Eversource data breach, check out the following news articles:
Solutions
Solutions
The VPN replacement your workforce will love.
Solutions