Several London councils have become targets of coordinated cyber attacks within the past 48 hours, with Westminster City Council confirming significant system disruptions that may persist until the end of this week.
Critical Threat Level Activated
Internal communications obtained by the Local Democracy Reporting Service reveal that multiple boroughs across the capital have been subjected to sophisticated cyber intrusions. Hackney Council issued an urgent warning to staff on Tuesday morning, although the east London authority has not suffered a direct breach.
A confidential memo circulated among council workers stated: "We have received intelligence that multiple London councils have been targeted by cyber-attacks within the last 24-48 hours, with potential disruption to systems and services. We are escalating our internal cyber threat level to critical. Your immediate cooperation is essential to protect the council and the data of our residents."
Council employees across affected boroughs have been instructed to exercise extreme caution with electronic communications, specifically avoiding suspicious emails, unusual links, and verification requests that appear out of the ordinary.
Westminster Systems Shut Down
Westminster City Council took drastic preventative measures by shutting down all network systems following what internal documents describe as a "cyber security incident." While the perpetrators remain unidentified, council officials estimate that affected systems won't be fully operational until the weekend.
The council's internal communication confirmed that Microsoft Teams and Outlook remain functional despite the network shutdown. Essential services including adult and children's social care continue to operate "as usual," alongside the Emergency Duty Team providing out-of-hours support.
Executive directors and senior management teams have activated business continuity arrangements and emergency response protocols to mitigate the impact on council operations.
Resident Services Disrupted
Westminster Council acknowledged the service disruptions publicly through social media, warning residents about difficulties contacting the authority via contact centres or online services such as Report It. The council apologised for any inconvenience and confirmed they are working with partners to restore normal operations.
Residents facing immediate emergencies have been directed to email emergencyreferrals@westminster.gov.uk while traditional communication channels remain compromised. The council anticipates extended waiting times for both residents and partners attempting to make contact during the system outage.
Meanwhile, the Royal Borough of Kensington and Chelsea reported experiencing a "serious IT issue" that began on Monday afternoon. The council, which collaborates extensively with Westminster City Council on various initiatives, advised residents to use online contact forms while their systems undergo investigation.
City Hall Response and Historical Context
Mayor of London Sadiq Khan stated he had not been previously informed about the specific attacks but emphasised City Hall's ongoing efforts to bolster cyber resilience across London's local authorities. Through the London Office of Technology and Innovation, City Hall collaborates with the National Cyber Security Centre and National Crime Agency to share best practices.
Khan commented: "We are trying to encourage councils to have better resilience but the reality is, I'm afraid, those who breach protections are going to try more and more ways to get into those systems. We're going to make sure we're resilient, that means making sure we have the right safeguards in place."
This incident echoes Hackney Council's 2020 cyber attack, where hackers encrypted 440,000 files affecting at least 280,000 residents and staff members. The Information Commissioner's Office subsequently reprimanded the council for security shortcomings that compromised personal data protection.
Multiple agencies including Westminster City Council, Kensington and Chelsea Council, the Metropolitan Police, The National Crime Agency and the Information Commissioner's Office have been approached for official statements regarding the ongoing situation.
