Multiple London councils have recently been targeted by a series of cyber-attacks, causing significant disruption to shared and individual IT systems. The Royal Borough of Kensington & Chelsea (RBKC) and Westminster City Council acknowledged that they were “responding to a cyber incident affecting some shared IT systems,” which immediately impacted services such as council phone lines. Simultaneously, Hammersmith & Fulham Council issued a memo confirming it had experienced a “serious cyber security incident.” The issues were identified early in the week, prompting affected councils to activate emergency plans to ensure that essential, critical services could still be delivered to residents despite the technical outages.
The councils are currently engaged in extensive efforts to contain and rectify the situation. RBKC stated that both it and Westminster City Council are actively collaborating with specialist cyber experts and the National Cyber Security Centre (NCSC) to safeguard data and restore full operational capacity. The council has also notified the Information Commissioner’s Office (ICO) and is investigating whether any resident data has been compromised, noting that it is still “too early to say who did this, and why.” The Met Police Cyber Crime Unit has initiated an investigation following a referral from Action Fraud, though no arrests have been made as inquiries remain in the preliminary stages.
The incident appears to have had a connected and widespread impact across the affected boroughs. Hammersmith & Fulham Council suggested that its problems were linked to the primary incident affecting RBKC and Westminster. It warned staff about remaining connectivity issues, noting that full resolution was contingent upon RBKC guaranteeing the security of its networks, a process expected to take several days. As a major precautionary measure, Hammersmith & Fulham Council also urged its employees to refrain from clicking on any links sent from colleagues in Kensington and Chelsea or Westminster City Council via Outlook or Teams “until further notice.”
In response to the intelligence of these successful attacks, other local authorities have raised their vigilance levels. Hackney Council, while reporting that it has not been targeted itself, issued an urgent internal memo to staff, escalating its cyber security threat level to “critical.” The memo confirmed that intelligence showed “multiple London councils have been targeted by cyber-attacks within the last 24-48 hours, with potential disruption to systems and services,” and stressed the essential need for immediate staff cooperation to protect the council and residents’ data from potential phishing attacks.
Council spokespersons have apologized for the considerable inconvenience and service disruption caused by the ongoing events. RBKC stated, “We would like to apologise for any disruption and thank residents for their patience as we work to bring systems back online safely.” The priority across all affected councils remains the swift and secure restoration of services while rigorously reviewing, isolating, and protecting networks to prevent future breaches. The public has been assured that updates on the investigation and system status will be provided as soon as they become available.
Reference:
