A London council is warning residents that their data may have been leaked following a cyber attack last week.
The Royal Borough of Kensington and Chelsea (RBKC) was one of three councils knocked partially offline temporarily last Monday, alongside neighbouring Hammersmith and Fulham and Westminster City Council.
RBKC has now confirmed that it's spotted a data breach as a result of last week's hacking attack, with the other councils working to discover if that's the case for their residents too.
"We have now obtained evidence on our systems that shows some data has been copied and then taken away," the RBKC council said in a statement. "At this moment in time, we believe the breach only impacts historical data."
The council added: "It is important to say we still have access to this information, it has not been stolen, but it is possible it could end up in the public domain. As a priority we are checking if this contains any personal or financial details of residents, customers, and service users — but this will take some time."
Westminster said it was investigating with a team of specialists to determine if any data was taken, while Hammersmith and Fulham Council was examining if data was copied from its records, in particular information dating from 2006 to 2020.
Old data is still a risk
The National Cyber Security Centre (NCSC) has warned that any residents or service users of those councils should be "extra vigilant" when called, emailed or sent text messages purporting to be from one of the three impacted authorities.
Indeed, Keven Knight, CEO of Talion, said hackers can still wreak plenty of havoc using older data.
"It doesn’t matter how old the data is; some of it will still be relevant and could put citizens and employees at risk," he said in a statement sent to ITPro.
"The data held by councils will often relate to personal information, such as home addresses, emails, full names, dates of birth and financial information," Knight added. "This is the type of information that can’t be changed easily. This means it's now in the hands of a threat actor, and victims will be exposed to an increased risk of phishing."
He also warned that criminals could try to use the breach to scam residents. "This could be malicious communications around the breach, where they try to encourage victims to disclose more sensitive information or ask them to click on links or open attachments," he said. "As a result, all correspondence around the incident must be treated with caution."
The RBKC added: "We are working with the Met Police and crime agencies on an investigation, in an effort to establish who did this, why, and if at all possible, bring them to justice."
Shared services, shared outage
RBKC first spotted the attack on Monday, and it appears as though the two neighbouring councils were impacted because they share some IT services.
"We detected a cybersecurity incident affecting shared IT systems used by Westminster City Council, the Royal Borough of Kensington and Chelsea, and the London Borough of Hammersmith and Fulham," noted a statement on the Westminster website. "Immediate steps were taken to contain the issue and protect our systems."
Hammersmith and Fulham Council said in a statement on its website that some online systems remained unavailable, but stressed there was no evidence its systems had been compromised and that any impact was "due to a cybersecurity incident in a neighbouring borough."
Westminster added that it may take several weeks "to return to full business as usual". However, it noted that most services are up and running, though there may be delays accessing some services. RBKC said it expects at least two weeks of "significant disruption" but was opening in-person customer service at Kensington Town Hall for emergency assistance.
Hackney not hacked
Hackney Council has denied it was also hit by the hacking attack that hit those west London councils, contrary to some media reports.
"Hackney Council is unaffected by the cyber attack that is reported to be affecting some councils in London," the spokesperson said in a statement on the Hackney Council website. "Media reports suggesting otherwise are mistaken."
Hackney will be keen to assure residents that it hasn't been affected in this round of attacks after the council was hit by a serious ransomware incident in 2020 that also led to a data breach, which saw it reprimanded by the Information Commissioner's Office.
Hammersmith and Fulham said earlier this year that it was seeing 20,000 attempted attacks every day, while the Information Commissioner's Office said attempts against local authority systems were up by 58% between 2022 and 2023.
-
Acemagic Matrix Mini M1 Mini PC reviewReviews The Intel-powered Acemagic is a smart-looking machine with plenty of connectivity options and a reasonable price
-
Google CEO Sundar Pichai says vibe coding has made software development ‘exciting again’News Google CEO Sundar Pichai claims software development has become “exciting again” since the rise of vibe coding, but some devs are still on the fence about using AI to code.
