London Hydro Discloses Customer Data Exposure After Security Incident
London Hydro, a Canadian utility serving more than 160,000 customers, disclosed a security incident that may have exposed customer personal and account information. The potentially affected data includes names, home and service addresses, email addresses, phone numbers, account and billing numbers, pricing plans, contract start dates, and meter information. The company said banking details, payment card data, dates of birth, and government-issued identification numbers were not involved, and it has begun notifying affected individuals.
The utility has not disclosed how the intrusion occurred, whether data was exfiltrated, how many customers were affected, or whether ransomware, extortion, third-party systems, or operational technology played a role. London Hydro warned that the exposed account details could make phishing, impersonation, and fraudulent billing scams more convincing, and advised customers to watch for suspicious communications, unexpected bills, unfamiliar account activity, and requests to change payment arrangements.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
2 events from the most recent confirmed update back to the earliest known activity.
London Hydro begins notifying affected customers
The utility said it has started notifying affected individuals about the incident and advised them to monitor for suspicious communications, unfamiliar account activity, unexpected bills, and fraudulent payment-change requests. The company did not disclose how many customers were affected or whether data was exfiltrated.
London Hydro discloses customer data security incident
London Hydro disclosed a data security incident that may have exposed some customers' personal and account information, including names, addresses, contact details, account and billing numbers, service addresses, pricing plans, contract start dates, and meter information. The utility said banking details, payment card data, dates of birth, and government-issued ID numbers were not involved.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
2 references tracked. Mallory keeps watching after this page renders.
See the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Loblaw Customer Data Breach via Compromised IT Network Segment
**Loblaw Companies Limited** disclosed that attackers gained unauthorized access to a contained, non-critical portion of its IT network and exfiltrated basic customer information. The company said the exposed data includes **names, phone numbers, and email addresses**, while its investigation has so far found no evidence that **passwords, payment card data, health or pharmacy records, or PC Financial systems** were compromised. Loblaw said it detected suspicious activity, contained the affected environment, and launched an investigation into the intrusion. Reporting on the incident indicates the breach affected customer records stored in that segmented environment, creating follow-on risk of **phishing and social engineering** against impacted individuals. As a precaution, Loblaw logged customers out of their accounts, and external reporting noted no public threat actor claim tied to the intrusion at the time of publication. The available information indicates a limited but confirmed exposure of personally identifiable information rather than a compromise of Loblaw’s core operational, financial, or medical data systems.
Mar 21, 2026
Capital Economics and People's Energy Breaches Exposed Customer Data
Capital Economics and People's Energy both suffered data breaches in December 2020 that later surfaced in breach disclosures, exposing large volumes of customer information. Capital Economics, an economic research firm, had about **263,000 customer records** compromised, including names, email addresses, physical addresses, phone numbers, job titles, and employer details. People's Energy, a UK power company, had nearly **7GB of data** exposed, affecting **359,000 unique email addresses** along with names, phone numbers, physical addresses, and dates of birth. The breach also exposed staff email addresses and **`bcrypt` password hashes**, although available reporting said no customer passwords were included in the leaked data.
Mar 27, 2026
Lloyds Banking App Glitch Exposed Other Customers’ Transaction Data
UK lawmakers are pressing **Lloyds Banking Group** for answers after a March 12 digital banking glitch allowed some customers using the **Lloyds Bank, Halifax, and Bank of Scotland** apps to view other users’ transaction histories. Treasury Committee chair **Meg Hillier** called the incident an “alarming breach of data confidentiality” and asked CEO **Charlie Nunn** to explain what caused the failure, which channels were affected, how many customers were impacted, what personal and financial data was exposed, and how the bank responded. Customer reports indicate the exposure went beyond a minor display error, with visible data reportedly including transaction details, sender and recipient names, shop names, card transaction locations, amounts, the last four digits of payment cards, and direct debit reference numbers. Lloyds said the issue was resolved quickly and that it is investigating the cause, but the incident has intensified scrutiny of the resilience and security of UK banks’ digital services as more customers are pushed toward online and mobile banking amid branch closures and a broader pattern of service outages across the sector.
Apr 3, 2026