City Of Leicester Council Attacked

Uploaded on 2024-04-11 in NEWS-Cybersecurity News, GOVERNMENT-Local, FREE TO VIEW, TECHNOLOGY--Hackers

The Britain's Leicester City Council said on 3rd April that confidential data has been published online by a “known ransomware group” following a cyber incident that was identified on March 7.  The authority said on 3 April that 25 stolen documents had been posted online, but now a "much larger batch"  of 1.3 terabytes has been released by hackers. Council leaders described the attack on its systems as "highly sophisticated".

The council said its IT networks were now back online and that a known ransomware group, which has hit a number of government, education and health organisations around the world, was responsible.

The confirmation comes after the criminals responsible for the attack uploaded stolen documents to their Dark Web site, prompting concerns over data security and user privacy. Now, the Inc. ransomware group which is known to share design fwarures with the prolific exploits developed by Lockbit has claimed responsibility for the attack and they are well known for targeting various governmental, educational and healthcare institutions.

The council said on 3rd April that approximately 25 sensitive documents, including rent statements, council housing purchase applications and personal ID records such as passport information were amongst those leaked, but now it has confirmed that the data batch released is much larger. “We have today been made aware that a small number of documents held on our servers have been published by a known ransomware group," said Richard Sword, the council's strategic director.

While the exact extent of the breach remains uncertain, Sword acknowledged the possibility that additional documents may have been compromised.

The Inc. Ransom group, which claims to have extracted 3 terabytes of data from Leicester City Council, has also published a 'proof pack' on a data leak site.While the majority of the council's systems and phone lines are now functioning normally, following a shutdown on 7th March when the attack was first detected, several critical services are still disrupted.

Emergency contact numbers were provided on the council's website as alternative means of communication,  for essential services and the council has cautioned residents and staff to remain vigilant and report any suspicious approaches from parties claiming to possess their data to Leicestershire Police. It says it is cooperating with law enforcement agencies, including Leicestershire Police and the National Cyber Security Centre, as part of the investigation.   

Inc.'s involvement in the cyber incident extends beyond Leicester, as the group has also claimed responsibility for an attack on NHS Dumfries and Galloway, part of the Scottish healthcare system

"In the last two weeks it's become evident that INC ransom have clear intent when it comes to targeting local services, with Leicester Council joining the victim list alongside NHS Dumfries and Galloway," commented Darren Williams, CEO and founder of security firm Blackfog.

The Director of critical infrastructure at Illumio, Trevor Dearing said: "Local councils store a vast amount of personal data which can be used in the longer term to conduct further attacks as well as be sold on the Dark Web for a quick profit or used for identity fraud... Attacks on the public sector show no signs of slowing down, but the sheer breadth of services local government must support means funding for cybersecurity will always be a challenge."

“The government should look to implement some of the recommendations in the recent parliamentary committee report on ransomware, especially on how respond to an incident. Ultimately local government should not have to choose between cyber security and social care." Dearing concluded.

Leicester.gov   |    Cybereason    |    Computing    |      Infosecurity   |    Techfinitive   |    TEISS    |  BBC

You Might Also Read: 

Cyber Attacks Hit Three English Councils At Once:

DIRECTORY OF SUPPLIERS - Ransomware Protection:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« The AI Future: Three Tips For SMBs
Artificial Intelligence Might Prolong Human Life »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Rollbar

Rollbar

Rollbar is a full-stack error monitoring platform for web and mobile applications. We help developers find and fix bugs fast. Built by developers for developers.

HackCon Norway

HackCon Norway

HackCon is for the people who are interested in technology, psychology, IT and security, and who wants to improve their knowledge within these areas.

SecurityScorecard

SecurityScorecard

SecurityScorecard provides the most accurate security ratings & continuous risk monitoring for vendor and third party risk management.

Semperis

Semperis

Semperis is an enterprise identity protection company that enables organizations to quickly recover from accidental or malicious changes and disasters that compromise Active Directory.

Pentagon Group

Pentagon Group

Pentagon Group is a provider of security services in high-risk environments, remote areas and emerging markets in support of land-based, aviation, maritime and cyber operations.

TypingDNA

TypingDNA

TypingDNA uses AI to recognise people by the way they type on desktop keyboards and mobile devices.

Nokia

Nokia

Nokia is a proven leader in fixed, mobile and IoT security offering capabilities that range from systems design to integration and support.

BlockAPT

BlockAPT

BlockAPT, empowering you with an advanced, intelligent cyber defence platform. We protect our customers digital assets by unifying operational technologies against advanced persistent threats.

Prancer

Prancer

Prancer is the industry's first cloud-native, self-service SAAS platform for automated security validation and penetration testing in the cloud.

Apex Systems

Apex Systems

Apex Systems is a world-class technology services business that incorporates industry insights and experience to deliver solutions that fulfill our clients’ digital visions.

Otto

Otto

Stop Client-Side Attacks. Plug otto into your application security suite and protect your supply chain.

One82

One82

Serving emerging small and medium-sized businesses in California and neighboring regions for over 20 years, One82 has established itself as the most dependable provider of IT support services.

ShellBoxes

ShellBoxes

ShellBoxes are a leading Web3 company focused on providing top-notch blockchain security and development services.

Block Harbor Cybersecurity

Block Harbor Cybersecurity

Block Harbor has worked closely with automakers, suppliers, and regulators since 2014 on vehicle cybersecurity.

Identifid

Identifid

Identifid offers a suite of fraud prevention and identity authentication solutions to businesses and governments using the latest advances in AI, vision processing, and biometric recognition.

BeckTek

BeckTek

BeckTek specialize in IT Cyber Security & Support, helping clients run their businesses faster, easier and more profitably.