Cyber Incident Victim: Riviera Utilities
Date: Oct 2021
Location: United States of America
Summary
An unknown actor breached employee email accounts at an Alabama-based energy supplier, exposing personal information including names, Social Security numbers, driver's license or state identification details, passport numbers, medical and health insurance data, and payment card information with expiration dates and CVVs for a limited number of individuals. While compromised data varied per customer, the company confirmed auto-pay systems, bank draft repositories, and web-submitted information remained unaffected, with no evidence of data misuse identified. Impacted individuals received notifications and were offered complimentary credit monitoring services as a precautionary measure.
Description
On October 17, 2021, an unknown actor gained unauthorized access to employee email accounts at Riviera Utilities, an energy supplier operating in Baldwin County, Alabama. The breach remained undetected until a forensic investigation conducted on March 28, 2022, confirmed the intrusion timeline and scope. Exposed data included names, Social Security numbers, driver's license or state identification numbers, passport numbers, medical information, health insurance details, credit/debit card numbers with expiration dates, and CVV codes. The company stated only a limited number of individuals were affected, with varying combinations of exposed information per customer. Critical payment systems storing auto-pay and bank draft data remained uncompromised, as did information submitted through Riviera's website portal. The five-month gap between intrusion and discovery left the data potentially exposed until containment.

Riviera Utilities notified impacted customers on April 26, 2022 – nearly six months post-breach and four weeks after forensic confirmation. While acknowledging no evidence of data misuse, the company offered complimentary credit monitoring services as a precautionary measure. Internal communications emphasized that the breach exclusively targeted employee email accounts rather than core transactional databases. Operational systems continued functioning without disruption throughout the investigation. The public disclosure occurred through a May 2, 2022 statement outlining the incident's parameters without attributing blame or disclosing mitigation specifics beyond credit monitoring provisions. No ransomware claims, financial demands, or subsequent attacks were reported in connection with the event.
