Saturday, October 16, 2021

Months after cyber-attack, Stolen Data from London Council Published Online By hackers

Must Read

Singapore investigating claims Muslim app developer sold user Information to US military

Singapore is investigating claims that a local-based mobile app, Muslim Pro, has offered"granular place data" into the US army....

Bug in a shared SDK may allow attackers to join calls undetected across multiple apps

A small library that provides audio and video call capabilities contain a bug that allows attackers to join audio...

Plex Media servers are being actively abused for DDoS attacks

DDoS-for-hire services are actively abusing plex Media Server systems as a UDP reflection/amplification vector in Distributed Denial of Service...

The Information that was stolen has been published on the darknet.

Sensitive data stolen from Hackney Council in the UK has allegedly been published online, three months following the ransomware attack on the local authority that took place last year.

Hackney council, which provides services for 280,000 residents in the UK capital, was struck by what was labeled a”serious” cyber-attack last October, taking many IT systems out of operation, with some still disrupted currently.

Data stolen at a cyber-attack against a London council last year was leaked online by the hackers responsible for the attack.

A cybercriminal group called Pysa/Mespinoza has claimed that it has released a selection of information caused by the incident on the darknet. This includes sensitive personal data of employees and residents, such as passport documents.

It now appears that the information that has been stolen during the attack was published to the dark web by the offenders, even though the council stated that only a limited set of information was at risk.

According to the council’s latest update, the documents have not been leaked to a”widely available forum”, and are not visible through search engines online.

The Mayor of Hackney Philip Glanville said: “I fully understand and share the concern of residents and staff about any risk to their information, and we’re working as rapidly as possible with our partners to assess the information and take actions, including informing people who are affected.”

“While we believe this publication will not directly affect the vast majority of Hackney’s residents and businesses, that may feel like cold comfort, and we’re sorry for the stress and upset this will cause them.”

While the majority of sensitive and private information held by the council seems to be unaffected, Hackney council said that it is working with the National Cyber Security Centre, the National Crime Agency, the Information Commissioner’s Office, and the Metropolitan Police to investigate what has been published exactly and assess which actions need to be taken.

Now several months after the attack happened, the exact nature of the intrusion is still unclear. The council has avoided disclosing details to make sure that it does not inadvertently assist the attackers.

Only legacy and non-cloud-based systems, like making payments or approving licensing, have been changed, while newer systems and services linked to managing the Covid-19 pandemic have stayed up-and-running.

Although many systems have since been completely or partially restored, the council has said that it anticipates some services to remain inaccessible or disrupted for the months to come.

Hackney council’s service status page still indicates that services are”significantly disrupted” because of a”severe cyber-attack”, and recommends that citizens and businesses avoid contacting the council unless necessary.

For instance, the council is currently unable to process applications for many kinds of licenses, to add to the housing waiting list, or to get council tax discounts.

Disruptions and delays to payment methods remain, and to claims for housing benefits. Voting preferences cannot be updated, and residents are currently unable to report noise complaints online.

Phone lines, however, remain open for essential help and emergency support.

“It is utterly deplorable that organized criminals chose last year to intentionally attack Hackney, damaging services and stealing from our borough, our team, and our residents this way, and all while we were in the middle of responding to a worldwide pandemic,” said Glanville.

“Now four months on, at the start of a new year and as we are all responding to the second wave, they’ve opted to compound that attack and now release stolen data.

Working together with our partners we’ll do everything we can to help bring them to justice.”

Last year also saw an attack on Redcar and Cleveland council in North East England, which affected 135,000 individuals and came at a cost of more than £10 million ($13.5 million).

Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

Leave a reply

Please enter your comment!
Please enter your name here

Latest News

Unified endpoint management automation software to boost endpoint security

Endpoints are constantly connected to the internet, so they offer a gateway for cyberattacks. Endpoint security is simply the process...

Attackers Using Morse Code in phishing campaign to Evade Detection

Microsoft on Thursday revealed the techniques used by attackers to avoid detection using morse code in the phishing campaign.Microsoft also revealed the workings of...

Murata Manufacturing suffers data breach of employees and customer

Japanese electronic components manufacturer Murata has released an apology Notice for the data breach of thousands of files in June that contained bank account...

Everything about Signalling System 7(SS7)

Signaling System 7 (SS7) is an international telecommunication protocol standard that controls and regulates the network elements in a public switched telephone network (PSTN)....

Zimbra flaw lets attackers access the mail servers

Researchers discovered a flaw in the open-source Zimbra code. As a result, an attacker would gain unrestricted access to all sent and received emails...

More Articles Like This