‘People’s Energy’ Announces Data Breach Affecting All Customers

Last updated September 17, 2021
Written by:
Bill Toulas
Bill Toulas
Infosec Writer

‘People’s Energy,’ the Scotland-based ethical energy supplier that “puts people and the planet first,” has suffered a data breach that affects its entire customer-base, approximately 270,000 people in the UK. According to the relevant announcement on the website, an unauthorized third-party has gained access to one of their systems on December 16, 2020.

Although the detection was immediate and the defensive action was prompt, the intruders may have accessed certain personal details, including names, home addresses, phone numbers, email addresses, dates of birth, account numbers, tariff details, and gas and electricity meter ID numbers. The company believes that no financial information was accessed, as these details are stored elsewhere, on a non-compromised part of the network. Also, account passwords weren’t accessed either.

Since the actors possess names, email addresses, and phone numbers, they could very easily try their luck in phishing and scamming via SMS and email messages. Thus, customers of ‘People’s Energy’ are advised to remain vigilant over the next couple of months and even further in the future. If you happen to receive a message that supposedly comes from ‘People’s Energy,’ be extra careful. Crooks will likely attempt to trick you using this very incident as the lure, asking you to reset your password due to the security breach and taking you to a phishing website.

The firm says that besides being careful and reporting any suspicious incoming communications to them, there’s nothing else that you should do. Since passwords weren’t compromised, you don’t need to reset them.

If you receive an email about voting in your advisory board elections or another one from ‘Magnum Utilities’ about a smart meter installation, rest assured that these two are genuine. However, crooks know that too, so if you get more of the same in the following days, they will most likely be phishing attempts.

In the meantime, ‘People’s Energy’ is working with a cybersecurity expert team to help them strengthen their protection systems. The fact that they chose to keep financial data in a separate system saved them and the clients from a worse scenario, so this is an example of good security practices paying off.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: