"The council has established that the Westminster breach involves some limited data, hosted in the Royal Borough of Kensington and Chelsea's shared IT environment, which is likely to contain some potentially sensitive and personal information,"
"Work is underway to establish what exactly the data entails and how it relates to individuals, as part of a comprehensive process in line with the Information Commissioner's Office recommendations, which will take some time to complete. The data is not lost or deleted, and there is no indication at this stage that it has been published online."
"Following extensive investigation with cyber security specialists from NCC Group and independent forensic experts, we can confirm that this was a cyber attack with criminal intent, with data copied and taken away."
Three neighbouring London authorities — Westminster City Council, the Royal Borough of Kensington and Chelsea (RBKC) and the London Borough of Hammersmith and Fulham — were affected by a cyber attack first detected on 24 November. Westminster has confirmed that some limited data hosted in RBKC's shared IT environment was copied and taken by a third party and is likely to include potentially sensitive and personal information. Work is under way to identify the exact data and any individuals affected, following Information Commissioner's Office recommendations. The councils say the attack was detected quickly, appears to have been contained with no evidence of lateral movement, and there is no indication the data has been published online. Investigations involve the Metropolitan Police, the National Crime Agency, the National Cyber Security Centre, NCC Group and independent forensic experts.
Read at ComputerWeekly.com
Unable to calculate read time
Collection
[
|
...
]