Cyber Incident Victim: Fulcrum Utility Services Ltd

Fulcrum Utility Services Ltd, a Sheffield-based multi-utility infrastructure and services provider, detected unauthorised activity on its network in late August or early September 2022. The company promptly initiated incident response protocols to contain the cybersecurity breach, successfully halting the malicious activity before data exfiltration could occur. Following containment, Fulcrum securely reinstated its IT systems through controlled restoration processes, confirming no customer or operational data was compromised during the incident. While the majority of core utility services remained operational throughout the event, the attack caused significant disruption to internal management systems and information access capabilities. Technical teams worked continuously to restore full system functionality, with partial limitations persisting during the immediate recovery phase.

The cyber incident temporarily restricted managerial access to critical system information, forcing operational adjustments while recovery efforts continued. Fulcrum's board publicly acknowledged the attack on September 1, 2022, noting similarities to recent cybersecurity events affecting other UK businesses but providing no specific attribution details. Company shares reacted negatively to the disclosure, falling 3.8% to 7.70 pence on the announcement date amid broader investor concerns about cybersecurity vulnerabilities. This decline extended Fulcrum's existing downward trend, with shares having depreciated 61% over the preceding twelve-month period. The board committed to providing additional operational updates as recovery progressed, though no further technical details about the attack vector or duration were disclosed publicly.