The credit rating agency Moody's has warned that water companies face an "elevated" risk from cyber attackers targeting drinking water, as suppliers wait on permission from the industry regulator to ramp up spending on digital security. Moody's said, in a report to investors, that hackers are increasingly zeroing in on infrastructure companies, including water and wastewater treatment companies, and the use of AI (artificial intelligence) could accelerate this trend. Last month, Southern Water, which supplies 4.6 million customers in the south of England, said the Black Basta ransomware group had claimed to have accessed its systems, posting a "limited amount" of data on the dark web. Separately, South Staffordshire Water apologised in 2022 after hackers stole customers' personal data. Moody's warned that the growing use of data-logging equipment to monitor water consumption, and the use of digital smart meters, made companies more vulnerable to attacks.

Early in 2020, a US Treasury Department watchdog warned the IRS that the agency needed to do more to protect against identity fraud. In recent data breaches, the report said, "much of the information the IRS uses to provide assurance of the taxpayers' identities may have been stolen." The pandemic soon underscored the danger. When the IRS launched a web page for taxpayers to enter bank details for stimulus checks, it verified users by asking for data such as a person's birth date and Social Security number. Some people logged on only to find fraudsters had got there first.