NEWS18 December 2020

People’s Energy Company suffers customer data breach

Energy GDPR News Privacy UK

UK – The People’s Energy Company has been the subject of a data breach with the details of all of its almost 270,000 customers stolen.


In a blog post on its website, People’s Energy, which is a sustainable energy firm that aims to return 75% of profits back to customers, said that a third party gained unauthorised access to members’ data on 16th December.

The data accessed did not include energy account passwords or financial data, but included details such as names, addresses, phone numbers, email addresses, dates of birth, People’s Energy account numbers, tariff details, and gas and electricity meter identification numbers.

The company has identified the method by which the third party took the data and has taken action to prevent any further access. Both current and past members’ details were affected by the data breach.

The Information Commissioner’s Office and the energy industry regulator Ofgem have been notified.

The People’s Energy Company said in its blog post that it was taking steps to strengthen its data security measures.

“We take keeping your data safe extremely seriously,” the blog said. “Right now, we’re working with a dedicated external security team to add additional protection to our systems. Your financial data is kept in a separate system with enhanced security.”