Colorado Springs Utilities hit by cyberattack, personal data exposed

Colorado Springs Utilities (CSU) informed customers that some of their personal data was stolen in June.

According to a letter sent to customers, data stored by a subcontractor of Utilities was "accessed by an unauthorized party" June 15. CSU was notified of the incident July 6, the letter states. The affected information included:

Full names,
Home addresses,
CSU account numbers,
Email addresses,
Phone numbers.

Roughly 200,000 accounts were in the file that was accessed.

Given that no sensitive, proprietary or confidential data such as social security numbers or credit card numbers were stolen, CSU reported the occurrence is not defined as a data breach. Utilities chose to "proactively notify" customers of the data disclosure for the sake of transparency, the company's website reads.

Summer rate hike to average over $16 a month, CSU says.

Steve Berry, a spokesperson for CSU, said the decision was made given the number of scams being perpetrated on the public currently. Berry said Utilities wanted people to be more informed and know that just because someone has their account number, it doesn't mean they are a legitimate source.

Berry encouraged customers who had questions to call Utilities and verify any communication they may receive. The website reminds customers that Utilities will never call and demand sensitive information "such as credit cards, payment or social security numbers."

The Virginia Commonwealth University Health System also suffers a data breach. The organization warned that some transplant recipients’ medical records contained their donor’s information, while recipient information also showed up in some donors’ records. It has been inappropriately exposing this information since 2006 in some cases.