London council officials have been warned of a “significant and immediate threat” after a reported cyber attack on multiple local authorities in the capital. MyLondon has seen internal memo from three local authorities confirming an incident in the last 48 hours, while one council has publicly confirmed it has “serious” IT issues.
It is believed the incident originated with Royal Borough of Kensington and Chelsea (RBKC), according to a memo sent around by Hammersmith and Fulham Council, which also states the borough acted “swiftly” to protect its own systems. RBKC, which shares some systems with neighbouring councils, has been approached for comment.
The first sign of an issue came when RBKC posted on X at around 1pm on Monday (November 23), stating it had “system issues” that would affect access to online services. In another update on X at around 10am on Tuesday morning (November 24), RBKC described a “serious IT issue” that would continue to affect services.
Meanwhile, Westminster City Council also wrote on X to declare an issue with its IT system. Behind the scenes, however, a memo sent to Westminster staff claimed the Council had shut down its IT system as a precautionary measure due to a cyber security incident.
News of the alleged attack also reached Hackney Council this morning, when staff received an “urgent communication” about phishing and social engineering attack methods. Hackney Council was successfully targeted in 2020, and subsequently reprimanded by the Information Commissioner’s Office over security failures.
The memo, sent to Hackney officials this morning, said: “We have received intelligence that multiple London Councils have been targeted by cyber-attacks within the last 24-48 hours, with potential disruption to systems and services. We are escalating our internal cyber threat level to Critical. Your immediate cooperation is essential to protect the Council and the data of our residents.”
Council workers in the borough have been reminded not to open suspicious emails, click on unusual links, or verify unusual requests, and have been asked to report anything immediately as “speed is critical” in containing a breach.
This is a breaking news story… we will update you with more information as it comes.
