IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Hackers publish Hackney Council data online after 2020 attack

The suspected ransomware incident in October last year knocked a number of council services offline

A front view of Hackney Town Hall, UK

Data stolen from Hackney Borough Council in a major cyber attack last October has been published online by the hackers responsible.

Cyber security experts working with the local authority have confirmed “a limited set of data” has now been published online, four months after hackers infiltrated its networks.

The council has said the data, the nature of which hasn’t been disclosed, wasn’t published on any widely available public forums and is not visible through conventional search engines.

This means the data has likely been published on the dark web; a common practice by some groups following a ransomware attack either as proof of an attack, or if a ransom is demanded but not paid.

“It is utterly deplorable that organised criminals chose last year to deliberately attack Hackney, damaging services and stealing from our borough, our staff, and our residents in this way, and all while we were in the middle of responding to a global pandemic,” said the major of Hackney, Philip Glanville.

“Now four months on, at the start of a new year and as we are all responding to the second wave, they have decided to compound that attack and now release stolen data. Working with our partners we will do everything we can to help bring them to justice.”

The attack on council services in October last year led to outages lasting several weeks. The payment portal for paying rent and service charge, for example, was still unavailable a month after the incident.

Glanville added the council is in contact with residents and staff about any risk to their personal data, and are working with its cyber security partners to assess the data and take action. The council has also been working with the National Cyber Security Centre (NCSC), National Crime Agency (NCA), and Information Commissioner’s Office (ICO).

Although the data hasn’t been fully examined, Hackney Borough Council is confident the vast majority of sensitive or personal information it holds hasn’t been affected.

The council hasn’t confirmed this was specifically a ransomware attack, although a handful of prominent cyber crime outfits have been known to publish their victims’ data on their own online platforms after an attack, which is accessible through the dark web.

DopplePaymer, for instance, published a sample of archive files online last year after hacking into a digital transformation company that boasts clients such as NASA and the Defense Information Systems Agency (DISA).

The tactic has also been commonly deployed by the Maze and Sodinokibi groups in the past as a blackmailing technique. The threat of publishing stolen material could potentially expose organisations to bad press, fines, and action by data regulators.

IT Pro asked Hackney Borough Council what internal measures it has taken following the incident in October, and whether it can confirm the attack involved ransomware.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Darktrace AI’s Antigena helps stop ransomware attack at Dordogne GHT
ransomware

Darktrace AI’s Antigena helps stop ransomware attack at Dordogne GHT

13 Apr 2022
Sabbath hackers are targeting US schools and hospitals
ransomware

Sabbath hackers are targeting US schools and hospitals

29 Nov 2021
Out-of-hours ransomware attacks have a greater impact on revenue
ransomware

Out-of-hours ransomware attacks have a greater impact on revenue

18 Nov 2021
US and Israel join forces to fight ransomware
ransomware

US and Israel join forces to fight ransomware

15 Nov 2021

Most Popular

Actively exploited server backdoor remains undetected in most organisations' networks
cyber attacks

Actively exploited server backdoor remains undetected in most organisations' networks

1 Jul 2022
Macmillan Publishers hit by apparent cyber attack as systems are forced offline
Security

Macmillan Publishers hit by apparent cyber attack as systems are forced offline

30 Jun 2022
Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022