Oxford City Council has issued a warning that it recently suffered a significant and very serious data breach. Attackers were able to successfully gain unauthorized access to some of the council’s older, legacy computer systems. The security incident has also caused a widespread ICT service disruption, according to an announcement on the website. Oxford City Council is the local government authority that is responsible for managing many critical public services.
Based on the preliminary investigation, the impacted system contained information on both former and current Council officers.
The attackers were able to access some of the historic data that was stored on these legacy systems. People who worked on Council-administered elections between 2001 and 2022 may also have had some personal details accessed. The council’s official statement claims there’s no evidence that any of this exposed data has been further disseminated.
The organization says that its comprehensive investigation into the entire security incident is still currently ongoing at this time. As of yet, there have been no signs of any mass data extraction that have been unearthed by investigators. It is important to note that there is currently no specific mention of citizen data having been compromised. BleepingComputer has contacted Oxford City Council to specify if any citizen data was stored in the accessed databases.
Oxford City Council says it has begun individually notifying all of those who have been confirmed to be affected.
These notifications provide important details about the incident and also list all of the available support system resources. The council has also given assurances of strengthened security measures that will be implemented to prevent future breaches. Also, all the relevant government authorities and the appropriate law enforcement agencies have been notified about the incident.
Reference:
