Several London councils have reported cyber attacks taking place over the last three days.
The Royal Borough of Kensington & Chelsea (RBKC), Hackney, Westminster City Council, and Hammersmith & Fulham councils are all believed to be experiencing issues, with some services affected.
RBKC and Westminster share a number of IT services.
"We know a number of systems are impacted across both organisations, including phone-lines," said Westminster City Council in a statement.
"We are diverting more resources to manage this incident and monitor emails and phone lines, and the councils have invoked business continuity and emergency plans to ensure we are still delivering critical services to residents, focusing on supporting the most vulnerable."
It said that mitigation measures were being put in place and that it was investigating the incident, but didn't yet know what had happened.
Meanwhile, RBCK said the two councils have been working with specialist cyber incident experts and the National Cyber Security Centre (NCSC), with the focus on protecting systems and data, restoring systems, and maintaining critical services to the public.
They have also informed the Information Commissioners' Office (ICO).
"Our IT teams worked through the night yesterday and a number of successful mitigations were put in place, and we remain vigilant should there be any further incidents or issues," it said.
Some of the two councils' IT services are also shared by Hammersmith and Fulham, which is also believed to have been affected.
According to the Local Democracy Reporting Service (LDRS), Hackney has been hit too. Staff have reportedly been sent a memo saying: "We have received intelligence that multiple London councils have been targeted by cyber-attacks within the last 24-48 hours, with potential disruption to systems and services.
"Your immediate co-operation is essential to protect the council and the data of our residents."
London councils in the crosshairs
In 2020, Hackney Council was hit by a ransomware attack that saw 440,000 files stolen and encrypted. At least 280,000 residents and some staff were affected.
Last year, the ICO reprimanded the council over the incident, saying it was 'a clear and avoidable error and 'entirely unacceptable', and that it showed 'a lack of proper security and processes to protect personal data'.
Local councils are a highly popular target for cyber criminals, thanks to their limited cyber security budgets and the large amount of personal data they hold.
Earlier this year, Hammersmith and Fulham Council revealed that it was experiencing around 20,000 attempted cyber attacks every day.
According to the ICO, cyber attacks on local authority systems rose by a quarter between 2022 and 2023, while personal data breaches rocketed by 58%.
In late 2024, information commissioner John Edwards urged local authorities to prioritize cybersecurity, saying: "We trust local governments with some of the most sensitive personal information imaginable, yet they remain one of the leading sources of data breaches."
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO
-
Government CIOs prepare for big funding boosts as AI takes hold in the public sectorNews Public sector IT leaders need to be mindful of falling into the AI hype trap
-
Tech consulting market tipped to surpass $400bn in global revenue in 2026News A new report from Source Global Research reveals an increased appetite for tech consulting services as businesses look to upgrade hardware and tools
