Data stolen from Hackney Council in a cyber attack last year has been published on the dark web, officials have said.
Experts supporting the east London council said a limited set of data had been put online but was not on a widely available on a public forum or visible through internet search engines.
Mayor of Hackney Philip Glanville said the council is working with the National Cyber Security Centre (NCSC), National Crime Agency (NCA), Information Commissioner’s Office (ICO) and the Metropolitan Police to establish what had been published and take immediate action where necessary.
The council said it appears at this stage that the vast majority of sensitive or personal information it holds has been unaffected.
Organised criminals have published data stolen in October's cyberattack on the Council.
We're working with @NCSC, @NCA_UK, @metpoliceuk & @ICOnews to urgently investigate.
We share residents' worry about their data, and we'll take action where needed.https://t.co/BWh0EHrjad
— Hackney Council (@hackneycouncil) January 7, 2021
Mr Glanville said in a statement: “It is utterly deplorable that organised criminals chose last year to deliberately attack Hackney, damaging services and stealing from our borough, our staff, and our residents in this way, and all while we were in the middle of responding to a global pandemic.
“Now, four months on, at the start of a new year and as we are all responding to the second wave, they have decided to compound that attack and now release stolen data.
“Working with our partners, we will do everything we can to help bring them to justice.”
The cyber attack in October took many of the council’s online services offline.
Mr Glanville apologised to residents for the concern the incident had caused and confirmed that anyone affected would be contacted directly.
“I fully understand and share the concern of residents and staff about any risk to their personal data, and we are working as quickly as possible with our partners to assess the data and take action, including informing people who are affected,” he said.
“While we believe this publication will not directly affect the vast majority of Hackney’s residents and businesses, that can feel like cold comfort, and we are sorry for the worry and upset this will cause them.
“We are already working closely with the police and other partners to assess any immediate actions we need to take, and will share further information about the additional action we will be taking as soon as we can.”
Why are you making commenting on The Herald only available to subscribers?
It should have been a safe space for informed debate, somewhere for readers to discuss issues around the biggest stories of the day, but all too often the below the line comments on most websites have become bogged down by off-topic discussions and abuse.
heraldscotland.com is tackling this problem by allowing only subscribers to comment.
We are doing this to improve the experience for our loyal readers and we believe it will reduce the ability of trolls and troublemakers, who occasionally find their way onto our site, to abuse our journalists and readers. We also hope it will help the comments section fulfil its promise as a part of Scotland's conversation with itself.
We are lucky at The Herald. We are read by an informed, educated readership who can add their knowledge and insights to our stories.
That is invaluable.
We are making the subscriber-only change to support our valued readers, who tell us they don't want the site cluttered up with irrelevant comments, untruths and abuse.
In the past, the journalist’s job was to collect and distribute information to the audience. Technology means that readers can shape a discussion. We look forward to hearing from you on heraldscotland.com
Comments & Moderation
Readers’ comments: You are personally liable for the content of any comments you upload to this website, so please act responsibly. We do not pre-moderate or monitor readers’ comments appearing on our websites, but we do post-moderate in response to complaints we receive or otherwise when a potential problem comes to our attention. You can make a complaint by using the ‘report this post’ link . We may then apply our discretion under the user terms to amend or delete comments.
Post moderation is undertaken full-time 9am-6pm on weekdays, and on a part-time basis outwith those hours.
Read the rules here