- cross-posted to:
- privacysecuk@feddit.uk
- cross-posted to:
- privacysecuk@feddit.uk
cross-posted from: https://feddit.uk/post/17070663
"A Gloucestershire council has declared a major incident and is working with GCHQ to assess the full extent of a cyber attack by “hostile actors”. Tewkesbury Borough Council shut down all of the services they provide online yesterday (Wednesday, September 4) after they identified “hostile actors” within their IT systems.
Council leaders say the full extent of the cyber security breach and the motive of the attack is currently unknown. But they are redeploying staff to towns and large villages across the Borough to ensure the most vulnerable have access to the services they rely on.
Chief Executive Alistair Cunningham said: “With all our systems shut down, our main focus is around the vulnerable people we serve in this community.
"We are currently dealing with an IT incident. Our systems have been compromised.
“We were alerted to unknown user accounts accessing our systems yesterday afternoon. We are clearly at an early stage of our investigation but as of today we are saying there is no evidence of data exfiltration from the organisation.
“Yesterday we thought data had been removed from the organisation which would be of serious concern to our residents. We have been analysing the movement of data in and out. The data leaving the system was through bonafide user accounts.”
“The accounts we have identified have not been taking data out of the organisation. That is the situation which is reassuring to ourselves and partners and clearly the public in terms of the data we hold.”
He said the authority has taken the necessary cyber response steps including informing the National Cyber Security Centre who are supporting them with their investigation…"