Cyber Incident Victim: Gas South LLC
Date:
Feb 2022
Location:
United States of America
Summary
Gas South LLC experienced a data breach after an unauthorized party accessed its network, compromising sensitive consumer data during a ten-day period. The company detected unusual activity, secured affected systems, and initiated an investigation, confirming unauthorized access to certain files containing personal information. While specific data types were not formally disclosed, state breach notification requirements suggest potential exposure of Social Security numbers, driver’s license details, financial account information, or medical records. The incident impacted an undisclosed number of individuals across multiple states, prompting notification letters to affected parties and regulatory filings.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On February 21, 2022, Gas South, LLC detected unusual activity on portions of its computer systems, prompting immediate containment measures including disconnecting affected systems and securing its network. The company initiated an investigation that confirmed unauthorized access to certain company files occurred between February 13, 2022 and February 23, 2022. While the specific intrusion methods were not disclosed, the investigation revealed that sensitive consumer data had been exposed during this 10-day period. Gas South subsequently reviewed compromised files to identify impacted individuals and determine the scope of data exposure, though this review remained ongoing at the time of reporting. The company did not publicly confirm which data types were compromised, but its July 15, 2022 breach notification filing with the Montana Department of Justice indicated likely exposure of one or more regulated data categories under state law, including Social Security numbers, driver's license numbers, financial account numbers, or medical records.
Gas South formally notified affected individuals through data breach letters distributed on July 15, 2022, coinciding with regulatory filings. The Atlanta-based natural gas provider, serving over 425,000 customers across 14 states, did not disclose the number of affected consumers or specific operational systems compromised. As a subsidiary of Cobb Electric Membership Corporation with approximately 250 employees and $193 million annual revenue, the breach exposed vulnerabilities in Gas South's data protection measures without confirmed details regarding root causes such as phishing, inadequate security protocols, or system misconfigurations. No evidence emerged suggesting public release or misuse of stolen data post-incident. The company's public communications emphasized containment through system isolation and network reinforcement but omitted specifics regarding forensic findings, remediation steps, or third-party involvement in the investigation.