Hacker tells York City Council it's been breached

The Council was contacted by a mysterious third-party claiming to have accessed 6,000 users' data from One Plant York App

Data on screen, viewed by shadowy hacker

A mysterious hacker contacted York City Council to say that they had breached the security on its mobile app, potentially affecting some 6,000 residents.

The unknown third-party told the council they had found a way to access personal data, including phone numbers, encrypted passwords and addresses, of residents who use the One Planet York app.

Advertisement - Article continues below

The app enables users to check their bin collection dates, check whether packaging is recyclable and find the location of recycling points. A council spokesman said that 5,994 records are contained in the app and could have been breached.

The council has taken the claims seriously, reporting the incident to the North Yorkshire Police and have taken the app down.

It has also contacted users by sending out letters, seen by The York Press. The letters state that the council does not know what the hacker is using the data for.

The letter says: "We value your privacy and deeply regret this incident occurred. We have conducted a thorough review of the One Planet York app, we have deleted all links with the app and as a result, will no longer support it going forward."We have deleted it from our website and asked for it to be removed from the app stores and ask that you now delete it from your device. We cannot say for certain what the third party responsible has done with the data."

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

The letter added that the hackers did not request anything in return for the personal data, which the council initially thought suggested an ethical hacker or "someone who looks for data vulnerabilities in the public interest".

"On November 1, 2018, a third party contacted the council and told us they had found a way to access personal data of those people who use the One Planet York app," said Ian Floyd, deputy chief executive at the council. "The data accessed included personal information such as names, addresses, postcodes, email addresses and telephone numbers together with encrypted passwords."To our knowledge, the data accessed did not include any further sensitive information. In addition, the One Planet York is isolated from other council systems and therefore unable to access other personal data."

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now
Advertisement

Recommended

Visit/security/ransomware/356292/university-of-california-gets-fleeced-by-hackers-for-114-million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
Visit/security/cyber-security/356289/australia-announces-135b-investment-in-cybersecurity
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
Visit/cloud/cloud-security/356288/csa-and-issa-form-cybersecurity-partnership
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020
Visit/business/policy-legislation/356215/senators-propose-a-bill-aimed-at-ending-warrant-proof-encryption
Policy & legislation

Senators propose a bill aimed at ending warrant-proof encryption

24 Jun 2020

Most Popular

Visit/business/business-operations/356395/nvidia-overtakes-intel-as-most-valuable-us-chipmaker
Business operations

Nvidia overtakes Intel as most valuable US chipmaker

9 Jul 2020
Visit/laptops/29190/how-to-find-ram-speed-size-and-type
Laptops

How to find RAM speed, size and type

24 Jun 2020
Visit/server-storage/servers/356083/the-best-server-solution-for-your-smb
Sponsored

The best server solution for your SMB

26 Jun 2020