The IT systems of several London councils have been targeted in a significant cyber attack, raising serious concerns that residents' personal data may have been compromised.
What Happened: A Coordinated Incident
The Royal Borough of Kensington and Chelsea (RBKC) and Westminster City Council (WCC) first detected the breach on Monday. The two authorities, which share a number of IT services, have since confirmed the incident to the Information Commissioner's Office, a standard procedure when a potential data breach occurs.
In an official statement, RBKC confirmed they are working with specialist cyber incident experts and the National Cyber Security Centre (NCSC) to manage the situation. The primary focus is on protecting systems and data, restoring services, and ensuring critical public services continue to operate.
The Response and Investigation
Council IT teams worked through the night to implement successful mitigations, and resources are being diverted to monitor email inboxes and phone lines for residents needing assistance. The council stated, "We don't have all the answers yet, as the management of this incident is still ongoing."
At this early stage, it is too soon to attribute blame for the attack. An investigation is underway to determine if any data has been compromised. The incident has also impacted Hammersmith and Fulham council, which shares IT services with RBKC and WCC.
Expert Analysis: A Serious Intrusion
Graeme Stewart, head of public sector at cybersecurity firm Check Point, stated the situation has "all the signs of a serious intrusion." He explained that the disruption across multiple boroughs and the urgent internal warnings for staff to avoid emails from partner councils are classic signs of attackers moving through a shared network environment.
"The decision to shut down services so quickly isn't an overreaction - it tells you they suspect this could escalate into encryption or data theft," Stewart added. He emphasised that councils hold incredibly sensitive material, from social-care files to identity documents, making them high-value targets for fraud or extortion.
A spokesperson for the NCSC, which is part of the GCHQ intelligence agency, told Sky News: "We are aware of an incident affecting some local authority services in London and are working to understand any potential impact." The Metropolitan Police has also been approached for comment.
