Glasgow City Council in the UK announced on Wednesday it has been impacted by a serious cyber incident. This attack is disrupting a number of the city’s online services and may have involved customer data theft. The specific nature of the widespread incident has not yet been officially confirmed by any city officials. The council’s IT supplier, which is the company CGI, first uncovered the security incident sometime last week. The breach was found on servers that are currently managed by one of the city’s third-party outside suppliers.
The city’s day-to-day digital and online services have been disrupted by the council taking affected servers offline.
The council’s official statement included an apology for all of the anxiety and inconvenience this incident will cause. The city council is working to understand the full scope of the breach and restore all of its services. While it cannot yet confirm data was removed, the city is taking a very cautious public approach. The council is operating on the presumption that customer data related to web forms may have been exfiltrated.
All of the city’s residents have now been advised to be cautious if they are contacted by anyone. They should be particularly wary of anyone claiming to be from the city council and asking for personal information. This is a common tactic used by criminals to commit fraud after a major data security breach occurs. Residents are also strongly encouraged to report any suspicious contacts immediately to the official Police Scotland law enforcement.
They should report if they are contacted by any person or group claiming to possess their stolen data.
This current incident follows a major ransomware attack last year which impacted the National Health Service in the UK. That specific attack affected the area of Dumfries and Galloway, which is the region just south of Glasgow. The impact of that previous ransomware attack has been very significant and has been felt for many months. All of the households in that entire region received letters just this month warning them about the situation. The letters said cybercriminals likely published sensitive medical data about them that was stolen in a February attack.
Reference:
