Three West London councils have confirmed that criminals accessed and copied approximately 440,000 files in a major cyberattack earlier this week. Kensington and Chelsea Council, Hammersmith and Fulham, and Westminster City were targeted in the breach, which has caused significant disruption to services and sparked an urgent investigation.
The councils share IT systems, and the attack reportedly originated at Kensington and Chelsea. While the data has not been stolen, officials warn it is possible the information could end up in the public domain. The compromised files are believed to be historical data archived from 2006 to 2020.
Kensington and Chelsea Council is prioritizing checks to determine whether the accessed files contain personal or financial details of residents, customers, and service users. The council acknowledged this process will take some time. The National Crime Agency is investigating the incident, and the Information Commissioner's Office has been informed.
Leadership Response
Elizabeth Campbell, leader of Kensington and Chelsea Council, defended the decision to alert residents before completing a full assessment of the breach. «As soon as I was informed there might be a data breach impacting residents, I asked officers to make sure we tell people at the earliest possible opportunity,» she said. «Even if we do not yet have the full picture of what data has been copied, and whether that does include any personal details, it is the right thing to do.»
She added: «All I know is - as a resident myself - I would want to know this information as soon as possible and then be able to make my own choices, follow advice, and protect myself if I think necessary.»
Service Disruption and Council Measures
Westminster Council shut down its computer networks as a precautionary measure following the attack. Hammersmith and Fulham Council isolated and safeguarded its network, temporarily suspending some applications including My Account. The council stated there was no evidence its systems had been compromised but teams are working to review and restore services.
Kensington and Chelsea Council warned residents to remain vigilant about bank and card details, particularly those who have made purchases such as parking permits. The council is operating its Customer Service Centre this weekend from 10am to 4pm at Kensington Town Hall for emergency in-person queries.
The council expects at least two weeks of significant disruption but assured residents that council services will continue to run. Critical services including the call centre were inaccessible for several hours following the attack.
Cybersecurity researcher Kevin Beaumont reported that ransomware is behind the cyber incident. Hackney Council, while not directly hit by the attack, escalated its internal cyber threat level to critical and warned staff about phishing and social engineering attacks.
Note: This article was created with Artificial Intelligence (AI).
