Cyber incident strikes Gloucester City Council as residents suffer service outages

A cyber attack depicted in binary code
(Image credit: Shutterstock)

Gloucester City Council has confirmed a cyber incident is affecting a number of its systems and services with residents experiencing service outages.

The Council said it is currently working with the National Cyber Security Centre (NCSC) and National Crime Agency (NCA) to fully understand the nature of the incident.

Gloucester City Council sources said the attack is believed to be linked to Russian hackers, adding the Council first became aware of the incident on 20 December 2021, according to the BBC.

The Council is believed to have been hit with a form of sleeper malware that infected an officer's computer via a malicious email. The malware is also thought to have laid dormant on the network for some time before the malicious payload was launched.

Gloucester City Council said residents can expect delays to services and is handling the most urgent resident enquiries as a matter of priority via email.

Various online application forms for Council services such as council tax support, housing benefit, housing payments and test and trace support are all delayed or down.

"We are aware of an incident impacting Gloucester City Council," said an NCA spokesperson in a statement to IT Pro, which was also echoed by the NCSC. "National Crime Agency officers are working alongside partners in the NCSC to better understand the incident and support the Council."

The Information Commissioner's Office (ICO) told IT Pro it has been made aware of the incident and is in the process of making enquiries.

"We'll provide updates on services as soon as we are able to, however, we are focusing on managing any urgent customer issues and continue to work with the national agencies and our IT partners to bring our systems back online as quickly as possible, Gloucester City Council said in a statement.


Oracle’s modern data platform strategy

Freedom from manual data management


"As the situation is still being investigated it is unfortunately not possible to give a current timeframe for when we’re able to resolve the issues and we are unable to share any further details as it is an active investigation," it added. "[Residents] can still access advice and information via our website including emergency numbers if you need to contact us. We are taking the situation extremely seriously and thank residents for their co-operation and understanding."

Residents are advised if they cannot find the information they need on the Council's website, they can call 01452 396396 or email for assistance.

One Twitter user, with their set location displayed as Gloucester, criticised the Council for not acting swiftly enough after the incident began nearly a month ago, raising the point that it's not the first time Gloucester City Council has been reprimanded for cyber security failings.

Gloucester City Council was previously fined £100,000 by the ICO for a 2014 data breach involving an exploit of the 'Heartbleed' flaw in the OpenSSL software library.

The Council lost 30,000 emails to hackers containing personal information belonging to employees after it knowingly failed to patch the widely publicised security vulnerability.

The ICO said at the time that the "Council's security systems were not robust enough to protect the data they held" and that a lack of oversight on the matter left the Council, which was outsourcing its IT systems at the time, vulnerable to the attack.

Connor Jones

Connor Jones has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.