Hackney Council has acknowledged that data stolen by cyber attackers in October has been published on the darkweb.
This follows reports, including on Sky News, that files of personal data have been published by a criminal group known as Pysa/Mespinoza on a darknet website. It says these have titles including ‘passportsdump’, ‘staffdata’ and ‘PhotoID’.
Hackney has placed a statement on its website saying it had been made aware of the move, but that experts supporting its efforts believe it is a limited set of data not available in a public forum or visible through search engines.
It said it appears that the vast majority of the sensitive or personal information it holds is unaffected, but it is reviewing the data carefully and will support any directly affected people.
It is also working with the National Cyber Security Centre, National Crime Agency, Information Commissioner’s Office, the Metropolitan Police and other experts to investigate what has been published and take immediate action where necessary.
Deplorable action
Philip Glanville, Hackney’s mayor, said: “It is utterly deplorable that organised criminals chose last year to deliberately attack Hackney, damaging services and stealing from our borough, our staff, and our residents in this way, and all while we were in the middle of responding to a global pandemic.
“Now four months on, at the start of a new year and as we are all responding to the second wave, they have decided to compound that attack and now release stolen data. Working with our partners we will do everything we can to help bring them to justice.
“I fully understand and share the concern of residents and staff about any risk to their personal data, and we are working as quickly as possible with our partners to assess the data and take action, including informing people who are affected.
“While we believe this publication will not directly affect the vast majority of Hackney’s residents and businesses, that can feel like cold comfort, and we are sorry for the worry and upset this will cause them.
“We are already working closely with the police and other partners to assess any immediate actions we need to take, and will share further information about the additional action we will be taking as soon as we can.”
The initial attack affected key council services including incoming and outgoing payments, licence application processing and reporting noise complaints. The council has been working on recovering these in the three months since it took place.
Image from iStock, Alex Volock