A UK local authority has suffered a cyber-attack, leaving more than 135,000 residents without vital online services.

Redcar and Cleveland Borough Council’s website and its network of computers were attacked last week. Online appointment bookings, planning documents, social care advice and council housing complaints systems are just some of the services knocked offline.

A cyber-security expert told BBC News the incident had all the hallmarks of a ransomware attack, in which files are scrambled until a ransom is paid.

The National Crime Agency said it was supporting the council, who has so far refused to confirm the nature of the hack.

A team of experts from the UK’s National Cyber Security Centre (NCSC) has been on site since the cyber-attack, which took place at 11am on Saturday. A spokeperson for the NCSC said:

We are aware of a cyber-incident affecting Redcar and Cleveland Borough Council. …This is an isolated incident and we are supporting the organisation and working with partners to understand its impact.

The council’s Leader, Councillor Mary Lanigan, told the BBC: “Computers have been taken offline and systems are being rebuilt.”. She added:

We have a massive team here – including cyber-security experts – working around the clock flat out to get it fixed. …They have to go through [IT systems] bit by bit to make sure everything is clean. A lot of our staff are not able to work without computers but they are coping quite well here. The main problem is that we have no email systems. so we have extra phone lines for residents.

Reverting to Pen and Paper

The website for council tax payments is still open and the council says frontline services are continuing, with staff using pen and paper.

The council says it is keeping taxpayers updated via Facebook and Twitter.

Its latest update said: “We are still experiencing issues with our IT systems, which means we are working with a reduced capacity. We are able to receive and answer limited calls and emails and we will be prioritising urgent messages. There may be a slight delay in dealing with non-urgent calls and messages, and the council’s website is currently down.”

Local resident Claire Louise Corless complained on Facebook: “Should have really sent a letter out or emailed people, not everyone has Facebook to find out. I’m still waiting for my registration to be done online for weeks now. You would soon come after me if I didn’t pay my bill!”

Ransomware?

The council and the NCA declined to say whether hackers were holding the council to ransom with a so-called ransomware attack.

Ransomware attacks are one of the most prolific and costly forms of cyber-attack, in which hackers take control of an organisation’s computer system and scramble their information until a ransom is paid.

The council said its current assessment indicated no sensitive personal data had been stolen. It would not say whether or not data had been encrypted by hackers, or whether negotiations were taking place with cyber-criminals.

Source: BBC News

If you liked this story, check out our Premium Privacy Insights for informative articles on wide-ranging global data privacy issues.

Contact the author
Peter Borner
Executive Chairman and Chief Trust Officer

As Co-founder, Executive Chairman and Chief Trust Officer of The Data Privacy Group, Peter Borner leverages over 30 years of expertise to drive revenue for organisations by prioritising trust. Peter shapes tailored strategies to help businesses reap the rewards of increased customer loyalty, improved reputation, and, ultimately, higher revenue. His approach provides clients with ongoing peace of mind, solidifying their foundation in the realm of digital trust.

Specialises in: Privacy & Data Governance

Peter Borner
Executive Chairman and Chief Trust Officer

As Co-founder, Executive Chairman and Chief Trust Officer of The Data Privacy Group, Peter Borner leverages over 30 years of expertise to drive revenue for organisations by prioritising trust. Peter shapes tailored strategies to help businesses reap the rewards of increased customer loyalty, improved reputation, and, ultimately, higher revenue. His approach provides clients with ongoing peace of mind, solidifying their foundation in the realm of digital trust.

Specialises in: Privacy & Data Governance

Contact Our Team Today
Your confidential, no obligation discussion awaits.