Hackney Council has been made aware that data stolen in October’s cyberattack has been published by the organised criminals responsible for the attack.
The experts supporting the Council believe that this is a limited set of data, it has not been published on a widely available public forum, and is not visible through search engines on the Internet.
Council staff are working closely with the National Cyber Security Centre, National Crime Agency, Information Commissioner’s Office, the Metropolitan Police and other experts to investigate what has been published and take immediate action where necessary.
At this stage, it appears that the vast majority of the sensitive or personal information held by the Council is unaffected, but the Council and its partners are reviewing the data carefully and will support any directly affected people.
It is utterly deplorable that organised criminals chose last year to deliberately attack Hackney, damaging services and stealing from our borough, our staff, and our residents in this way, and all while we were in the middle of responding to a global pandemic.
Now four months on, at the start of a new year and as we are all responding to the second wave, they have decided to compound that attack and now release stolen data. Working with our partners we will do everything we can to help bring them to justice.
I fully understand and share the concern of residents and staff about any risk to their personal data, and we are working as quickly as possible with our partners to assess the data and take action, including informing people who are affected.
While we believe this publication will not directly affect the vast majority of Hackney’s residents and businesses, that can feel like cold comfort, and we are sorry for the worry and upset this will cause them.
We are already working closely with the police and other partners to assess any immediate actions we need to take, and will share further information about the additional action we will be taking as soon as we can.