Major Cyber Security Incident Hits London Boroughs
The Royal Borough of Kensington and Chelsea has confirmed that data was stolen during a cyber-attack this week, affecting one of London's most prominent local authorities.
The council, which serves approximately 147,500 residents, has urged all local people to exercise extreme caution when dealing with unexpected communications.
Multiple Boroughs Affected by Coordinated Attacks
This security breach forms part of a wider pattern affecting three separate London councils simultaneously. Alongside Kensington and Chelsea, both Westminster City Council and Hammersmith and Fulham Borough Council reported significant system disruptions.
All three authorities experienced problems with their telephone systems and other critical infrastructure, suggesting a coordinated assault on local government digital services.
A spokesperson for Hammersmith and Fulham confirmed that technical teams are working around the clock to restore normal operations and secure their networks against further intrusion.
Resident Security Takes Priority
The Royal Borough of Kensington and Chelsea has taken the unusual step of publicly warning residents about potential risks following the data theft. Council leader Elizabeth Campbell emphasised that transparency was essential in such circumstances.
"All I know is - as a resident myself - I would want to know this information as soon as possible," stated Councillor Campbell. "Then I could make my own choices, follow advice and protect myself if I think necessary."
The council believes the stolen information consists of historical data, but comprehensive checks are underway to determine whether any personal or financial details of residents were compromised.
National Security Resources Deployed
In response to the serious nature of these incidents, the affected councils have engaged multiple national security agencies. The National Cyber Security Centre (NCSC) is providing expert guidance, while the National Crime Agency and Metropolitan Police are assisting with criminal investigations.
Authorities have advised residents to be particularly wary of:
- Unexpected phone calls requesting personal information
- Suspicious emails containing links or attachments
- Text messages from unknown senders
The NCSC has provided specific guidance to help people identify potentially malicious communications.
Growing Threat to Public Services
These incidents represent the latest in a series of cyber-attacks targeting UK public bodies in recent years. Many such breaches involve ransomware, where criminal organisations - often based in former Soviet states - encrypt vital systems and demand cryptocurrency payments for their release.
While none of the affected councils have confirmed whether ransomware was used in these specific attacks, the pattern bears similarities to previous incidents. In 2020, Hackney Council suffered a major ransomware attack that encrypted approximately 440,000 files, resulting in significant service disruption and regulatory scrutiny.
The Royal Borough of Kensington and Chelsea has warned residents to expect at least two weeks of significant disruption as systems are gradually restored and security reinforced.
Westminster City Council and Hammersmith and Fulham have not yet confirmed whether data was exfiltrated from their systems during the attacks, though investigations continue across all three boroughs.
