City Of Leicester Council Attacked

Uploaded on 2024-04-11 in NEWS-Cybersecurity News, GOVERNMENT-Local, FREE TO VIEW, TECHNOLOGY--Hackers

The Britain's Leicester City Council said on 3rd April that confidential data has been published online by a “known ransomware group” following a cyber incident that was identified on March 7.  The authority said on 3 April that 25 stolen documents had been posted online, but now a "much larger batch"  of 1.3 terabytes has been released by hackers. Council leaders described the attack on its systems as "highly sophisticated".

The council said its IT networks were now back online and that a known ransomware group, which has hit a number of government, education and health organisations around the world, was responsible.

The confirmation comes after the criminals responsible for the attack uploaded stolen documents to their Dark Web site, prompting concerns over data security and user privacy. Now, the Inc. ransomware group which is known to share design fwarures with the prolific exploits developed by Lockbit has claimed responsibility for the attack and they are well known for targeting various governmental, educational and healthcare institutions.

The council said on 3rd April that approximately 25 sensitive documents, including rent statements, council housing purchase applications and personal ID records such as passport information were amongst those leaked, but now it has confirmed that the data batch released is much larger. “We have today been made aware that a small number of documents held on our servers have been published by a known ransomware group," said Richard Sword, the council's strategic director.

While the exact extent of the breach remains uncertain, Sword acknowledged the possibility that additional documents may have been compromised.

The Inc. Ransom group, which claims to have extracted 3 terabytes of data from Leicester City Council, has also published a 'proof pack' on a data leak site.While the majority of the council's systems and phone lines are now functioning normally, following a shutdown on 7th March when the attack was first detected, several critical services are still disrupted.

Emergency contact numbers were provided on the council's website as alternative means of communication,  for essential services and the council has cautioned residents and staff to remain vigilant and report any suspicious approaches from parties claiming to possess their data to Leicestershire Police. It says it is cooperating with law enforcement agencies, including Leicestershire Police and the National Cyber Security Centre, as part of the investigation.   

Inc.'s involvement in the cyber incident extends beyond Leicester, as the group has also claimed responsibility for an attack on NHS Dumfries and Galloway, part of the Scottish healthcare system

"In the last two weeks it's become evident that INC ransom have clear intent when it comes to targeting local services, with Leicester Council joining the victim list alongside NHS Dumfries and Galloway," commented Darren Williams, CEO and founder of security firm Blackfog.

The Director of critical infrastructure at Illumio, Trevor Dearing said: "Local councils store a vast amount of personal data which can be used in the longer term to conduct further attacks as well as be sold on the Dark Web for a quick profit or used for identity fraud... Attacks on the public sector show no signs of slowing down, but the sheer breadth of services local government must support means funding for cybersecurity will always be a challenge."

“The government should look to implement some of the recommendations in the recent parliamentary committee report on ransomware, especially on how respond to an incident. Ultimately local government should not have to choose between cyber security and social care." Dearing concluded.

Leicester.gov   |    Cybereason    |    Computing    |      Infosecurity   |    Techfinitive   |    TEISS    |  BBC

You Might Also Read: 

Cyber Attacks Hit Three English Councils At Once:

DIRECTORY OF SUPPLIERS - Ransomware Protection:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« The AI Future: Three Tips For SMBs
Artificial Intelligence Might Prolong Human Life »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

RSA Conference

RSA Conference

RSA Conference conducts information security events around the globe that connect you to industry leaders and highly relevant information.

Kent Interdisciplinary Research Centre in Cyber Security (KirCCS) - University of Kent

Kent Interdisciplinary Research Centre in Cyber Security (KirCCS) - University of Kent

KirCCS harnesses expertise across Kent University to address current and potential cyber security challenges.

Cyber Exec

Cyber Exec

Cyber Exec is an executive search firm dedicated to global talent acquisition in Cyber Security, Information Technology, Defense...

PRODAFT

PRODAFT

PRODAFT, Proactive Defense Against Future Threats, is a cyber security and cyber intelligence company providing solutions to commercial customers and government institutions.

Vehere

Vehere

Vehere specialises in mission critical signals aquisition and analytics platform and cyber defence systems.

Quantum Armor

Quantum Armor

Quantum Armor is a next-gen cyber security monitoring platform that allows you to continuously stay aware of your security posture, and proactively spot trends, vulnerabilities and potential attacks.

Intrepid Solutions & Services

Intrepid Solutions & Services

Intrepid Solutions and Services provides technology solutions and professional services to key components of the intelligence and national security communities.

Island

Island

Island puts the enterprise in complete control of the browser, delivering a level of governance, visibility, and productivity that simply weren’t possible before.

Digital Security by Design (DSbD)

Digital Security by Design (DSbD)

Digital Security by Design is an initiative supported by the UK government to transform digital technology and create a more resilient, and secure foundation for a safer future.

Digimune

Digimune

Digimune is an all-encompassing cloud-based cyber risk protection platform that guards you against the dangers of our digital world.

Securious

Securious

If you need to improve your cyber security or achieve cyber security accreditations, Securious provide an independent service that will identify and address your issues quickly and efficiently.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Bulletproof Solutions

Bulletproof Solutions

Bulletproof provides IT expert support, services, and guidance to businesses small and large as they grow and adapt to today’s complex IT, cybersecurity, and compliance needs.

GO Business

GO Business

GO Business are a specialised B2B team within GO that caters to the communication needs of the local business community in Malta.

ESProfiler

ESProfiler

Enterprise Security Profiler. Empowering CISOs with clarity & confidence in their security programme by visualising capabilities, usage and spend against their key threat priorities.

CyVent

CyVent

CyVent helps you select the right cybersecurity solutions at the right price for your unique situation, without the need to invest endless time evaluating the ever-evolving options.

AFINE

AFINE

AFINE is a trusted advisor in the field of cybersecurity and pentesting.