Ransomware

Tewkesbury Borough Council Cyberattack: Incident Update

Tewkesbury Borough Council declared a major incident after a cyberattack. Systems are down, but no data theft is confirmed.

by Ashish Khaitan September 6, 2024 Reading Time: 3 mins read

Share on LinkedInShare on Twitter

Tewkesbury Borough Council has declared a major incident following a cyberattack that disrupted its operations on Wednesday afternoon. The Tewkesbury Borough Council prompted the council to take immediate action by shutting down its systems to contain the Tewkesbury Borough Council cyberattack. 

As the investigation unfolds, the council’s Chief Executive, Alistair Cunningham, has reassured the public that there is currently no evidence of data being removed or exfiltrated from their systems.

Tewkesbury Borough Council Cyberattack: Immediate Response and Ongoing Investigation

Upon discovering the Tewkesbury Borough Council cyberattack, Tewkesbury Borough Council enacted “necessary cyber response steps” to address the situation. The council’s action included shutting down all systems to prevent further potential damage. 

An ongoing investigation is being conducted with assistance from the National Cyber Security Centre and the counter-fraud agency. The council has emphasized that there is no indication of personal data being compromised at this time.

In an official statement, the council provided precautionary advice to residents and customers, urging them to remain vigilant. The advisory highlights the importance of being cautious of phishing emails and fraudulent activities, using strong and unique passwords, and promptly changing passwords if any suspicious activity is detected.

The council also recommended checking further guidance available on the National Cyber Security Centre’s website.

Public Communication and Support

In a statement to BBC Radio Gloucestershire, Cunningham detailed the discovery of unknown user accounts within the council’s system, which led to the immediate system shutdown. He confirmed that there was no evidence suggesting that data had been removed or exfiltrated. Cunningham stressed that the primary focus is on ensuring services for vulnerable residents while investigating the extent of the Tewkesbury Borough Council cyberattack.

“We have now re-established our phone line and are working on building new computers to expand our phone line capabilities,” Cunningham said. He also pointed out that although the council’s website remains operational and unaffected, normal services are limited. I don’t want someone who’s at risk of losing their house or who can’t feed their children not to be able to talk to my staff,” Cunningham added.

To assist residents, council staff will be available at several locations:

  • Bishop’s Cleeve Parish Council until 15:00 BST
  • Churchdown police bus at Tesco car park until 16:00 BST
  • Brockworth Community Centre at Court Road until 16:00 BST

Data Protection and Community Assurance

The council has appointed Graeme Simpson as the Data Protection Officer to handle inquiries related to the cyberattack on Tewkesbury Borough Council. Residents concerned about the data breach can contact Simpson via the email address provided in the council’s communication. Despite the current challenges, the council is committed to providing updates and ensuring that residents are informed of any potential risks to their data.

As part of its ongoing response, the council continues to work diligently to understand the full scope of the cyberattack. “We do not know the extent of the infiltration of our system,” Cunningham admitted. He emphasized the importance of not reopening all services until a thorough assessment is completed, citing that waste and recycling services remain operational during this period.

The Cyber Express reached out to Tewkesbury Borough Council for further details on the cyberattack. As of now, no additional official statements have been provided. 

Source

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button