City Of Leicester Council Attacked

Uploaded on 2024-04-11 in NEWS-Cybersecurity News, GOVERNMENT-Local, FREE TO VIEW, TECHNOLOGY--Hackers

The Britain's Leicester City Council said on 3rd April that confidential data has been published online by a “known ransomware group” following a cyber incident that was identified on March 7.  The authority said on 3 April that 25 stolen documents had been posted online, but now a "much larger batch"  of 1.3 terabytes has been released by hackers. Council leaders described the attack on its systems as "highly sophisticated".

The council said its IT networks were now back online and that a known ransomware group, which has hit a number of government, education and health organisations around the world, was responsible.

The confirmation comes after the criminals responsible for the attack uploaded stolen documents to their Dark Web site, prompting concerns over data security and user privacy. Now, the Inc. ransomware group which is known to share design fwarures with the prolific exploits developed by Lockbit has claimed responsibility for the attack and they are well known for targeting various governmental, educational and healthcare institutions.

The council said on 3rd April that approximately 25 sensitive documents, including rent statements, council housing purchase applications and personal ID records such as passport information were amongst those leaked, but now it has confirmed that the data batch released is much larger. “We have today been made aware that a small number of documents held on our servers have been published by a known ransomware group," said Richard Sword, the council's strategic director.

While the exact extent of the breach remains uncertain, Sword acknowledged the possibility that additional documents may have been compromised.

The Inc. Ransom group, which claims to have extracted 3 terabytes of data from Leicester City Council, has also published a 'proof pack' on a data leak site.While the majority of the council's systems and phone lines are now functioning normally, following a shutdown on 7th March when the attack was first detected, several critical services are still disrupted.

Emergency contact numbers were provided on the council's website as alternative means of communication,  for essential services and the council has cautioned residents and staff to remain vigilant and report any suspicious approaches from parties claiming to possess their data to Leicestershire Police. It says it is cooperating with law enforcement agencies, including Leicestershire Police and the National Cyber Security Centre, as part of the investigation.   

Inc.'s involvement in the cyber incident extends beyond Leicester, as the group has also claimed responsibility for an attack on NHS Dumfries and Galloway, part of the Scottish healthcare system

"In the last two weeks it's become evident that INC ransom have clear intent when it comes to targeting local services, with Leicester Council joining the victim list alongside NHS Dumfries and Galloway," commented Darren Williams, CEO and founder of security firm Blackfog.

The Director of critical infrastructure at Illumio, Trevor Dearing said: "Local councils store a vast amount of personal data which can be used in the longer term to conduct further attacks as well as be sold on the Dark Web for a quick profit or used for identity fraud... Attacks on the public sector show no signs of slowing down, but the sheer breadth of services local government must support means funding for cybersecurity will always be a challenge."

“The government should look to implement some of the recommendations in the recent parliamentary committee report on ransomware, especially on how respond to an incident. Ultimately local government should not have to choose between cyber security and social care." Dearing concluded.

Leicester.gov   |    Cybereason    |    Computing    |      Infosecurity   |    Techfinitive   |    TEISS    |  BBC

You Might Also Read: 

Cyber Attacks Hit Three English Councils At Once:

DIRECTORY OF SUPPLIERS - Ransomware Protection:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« The AI Future: Three Tips For SMBs
Artificial Intelligence Might Prolong Human Life »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

SANS Institute

SANS Institute

SANS is the most trusted and by far the largest source for information security training and security certification in the world.

OcuCloud

OcuCloud

OcuCloud protects businesses' valuable information in the cloud, preventing security breaches caused by employees and remote vendors.

DANAK

DANAK

DANAK is the national accreditation body for Denmark. The directory of members provides details of organisations offering certification services for ISO 27001.

SEEK

SEEK

SEEK create world-class technology solutions to address the needs of job seekers and hirers across multiple sectors including cybersecurity.

Data Security Inc

Data Security Inc

Data Security, Inc. is the leading American manufacturer and supplier of hard drive degaussers, magnetic tape degaussers as well as hard drive and solid state destruction devices.

SOOHO

SOOHO

SOOHO helps to detect security vulnerabilities earlier. Our blockchain security platform audits from smart contracts to on-chain transactions.

Tokio Marine HCC

Tokio Marine HCC

Tokio Marine HCC is a leading specialty insurance group with a Financial and Professional product line including Tech and Cyber.

Qmulos

Qmulos

Qmulos’ real-time continuous monitoring risk management suite, Q-Compliance, provides a massively flexible and scalable solution to optimizing operational security.

Binary Security AS

Binary Security AS

Binary Security is a Norwegian information security consultancy company. We are specialists at application security, penetration testing and secure code reviews.

Cyber Range Solutions (CRS)

Cyber Range Solutions (CRS)

CRS provides cyber security training and improve security team performance by providing a hyper realistic, virtual training environment.

AirITSystems

AirITSystems

AirITSystems offer companies comprehensive IT security solutions that take all security considerations into account and are tailored to your business.

Cymptom

Cymptom

At Cymptom our purpose is to enable security managers to see at a glance all urgently risky gaps  in their organizations’ security posture at any given moment.

LBMC

LBMC

LBMC is a professional services solutions provider in accounting and finance, human resources, technology, risk and information security, and wealth advisory services.

ProCheckUp

ProCheckUp

ProCheckUp is a London-based independent provider of cyber security services, including IT Security, Assurance, Compliance and Incident Response.

SRG Security Resource Group

SRG Security Resource Group

SRG Security Resource Group is a Canadian company dedicated to providing world-class Physical and Cyber Security services.

Secolve

Secolve

Secolve is Australia’s next generation OT specialist cyber security firm, working with key industries to protect the nation’s critical infrastructure.