Glasgow City Council has been hit with a cyber attack that has disrupted services and compromised personal data as local authorities in Britain continue to be targeted by criminals.
The council said that its IT supplier CGI discovered malicious activity on its servers, which are managed by a separate third-party supplier, last week.
Glasgow City Council has taken the affected servers offline as it launches an investigation into the incident, supported by Police Scotland, the Scottish Cyber Coordination Centre and the National Cyber Security Centre.
The situation has caused disruption to council services and may have involved the theft of customer data.
“Glasgow City Council apologises for the anxiety and inconvenience this incident and the necessary response to it will undoubtedly cause,” said the local authority.
It could not yet confirm what data has been affected, prompting the council to operate on the presumption that relevant customer data may have been exfiltrated.
“The fact that Glasgow City council was forced to take so many local services offline is a reminder of the direct threat cyber incidents have on keeping services secure and accessible,” commented Sylvain Cortes, VP of strategy at cyber firm Hackuity.
“Risks can originate not only from within internal systems but also across a growing network of third-party suppliers. It’s vital that organisations have a clear, ongoing understanding of how secure each partner is and their risk profile.”
The attack comes weeks after services and personal data were similarly disrupted in a major data breach against Oxford City Council.
Local government institutions have become a popular target for cyber criminals, with research released this week finding the number of breaches against councils in the past year is in the thousands.
Register for Free
Bookmark your favorite posts, get daily updates, and enjoy an ad-reduced experience.
Already have an account? Log in
