A significant cyber attack has struck several local authorities in West London, prompting an urgent response from the UK's leading cyber security agency. The National Cyber Security Centre (NCSC) has confirmed it is actively monitoring the situation and working to understand the full extent of the breach.
Councils Confirm Widespread Disruption
Kensington and Chelsea Council publicly confirmed it was dealing with a serious cyber security issue, revealing that neighbouring authorities Westminster City Council and Hammersmith and Fulham Council were also impacted. The incident, first identified on the morning of Monday, November 24, has affected a number of shared IT systems and services, leading to widespread disruption, including to council phone lines.
In an official statement, Kensington and Chelsea Council outlined its immediate response, noting it is working closely with cyber incident experts and the NCSC. The primary focus is on a three-pronged approach: protecting sensitive systems and data, working to restore disabled systems, and maintaining the delivery of critical public services.
Emergency Plans Enacted for Vulnerable Residents
The councils have moved swiftly to invoke established business continuity and emergency plans. A spokesperson emphasised that resources are being diverted to manage the incident and that the priority is supporting the most vulnerable residents.
The public has been advised that they may experience delays in response times and non-critical services over the coming days. For emergencies, residents are being directed to contact numbers listed at the top of the council's official contact page, as standard phone lines remain unreliable.
Internal communications seen by the Local Democracy Reporting Service reveal the depth of the caution being exercised. Staff at Hammersmith and Fulham Council were explicitly warned not to click on any links sent from colleagues at Kensington and Chelsea or Westminster City Council via Outlook or Teams accounts "until further notice."
Investigation Underway as Police are Notified
While the councils have stated it is too early to confirm who is behind the attack or their motives, a full investigation is underway. The Information Commissioner's Office (ICO) has been formally informed, a standard procedure in potential data breach scenarios.
The Metropolitan Police has also become involved, confirming that its Cyber Crime Unit received a referral from Action Fraud on November 24 and that enquiries are in their early stages. No arrests have been made at this time.
Council IT teams worked through the night following the discovery of the incident, implementing what they describe as "a number of successful mitigations." Systems remain under vigilant monitoring for any further malicious activity. The councils have apologised for the disruption and thanked residents for their patience as work continues to bring services back online safely.
