Back in October last year, a hacker group that targeted the Council of the London borough Hackney managed to infiltrate the network of the Council and steal a significant amount of confidential data as well as heavily disrupt many of the services provided by the Council’s administration.
At the start of the current year, months after the initial attack on the Council’s network, it seems that the hackers responsible for it have leaked the collected data and released it online, on the dark web.
Some of the leaked data seems to be linked to the residents of the borough, though the Council has provided reassurance that the data leak is unlikely to affect most of Hackney’s residents or businesses. The fact that the data has been released on the dark web means that it won’t appear in conventional search engines and will only be reachable by a rather limited number of people. That said, the data is still out there, accessible to anyone who uses the dark web.
According to the council, the services that were affected the most during the attack were their payment and licence-approval services. Some of the affected services have been fully or partially restored since the attack but there are still such that are not working properly yet.
The Council of Hackney states that its administration is currently unable to process most types of licence applications as well as applications for council tax reductions and for the housing waiting list.
The phone lines of the Hackney Council administration are still open so residents of the borough can directly contact the Council over the phone. However, the Council recommends that this option is used only if absolutely necessary so as to keep the phone lines open in case of actual emergencies rather than overwhelming them with low-priority requests.
The Council is currently working together with the National Crime Agency, the Information Commissioner’s Office, the National Cyber Security Centre, and the Metropolitan Police to resolve the data leak and service disruption problems and bring the cyber-criminals responsible for all this to justice.
In order to avoid inadvertently assisting the hackers, the Hackney Council has refrained from sharing any more details about the information that got stolen during the hacker attack and released on the dark web or about the nature of the attack itself.
The good news is that the newer cloud-based systems and the systems responsible for managing the COVID-19 situation remain intact and are still fully operational despite the cyber-attack.
The end-goal of the attack also seems to be unclear at this moment. Usually, such cyberattacks are intended to blackmail their targets for a ransom payment but there has been no information about any ransom demands in the current case.
Philip Glanville, the Mayor of Hackney, condemns the actions of the cybercriminals by commenting on the amoral nature of conducting such an attack on essential administrative systems and networks during a time of a global pandemic.
Currently, there are about 280,000 residents in London’s Hackney Borough that rely on the services of the Hackney Council, many of which are still unavailable due to the hacker attack from October last year.