Hampered cyber attack councils in Kent report ‘data breach’
14:54, 30 January 2024
Kent councils targeted in a sustained cyber attack - bringing online services to their knees - have reported data breaches.
But Canterbury, Dover and Thanet local authorities argue they sounded the alarm as precautionary measures while there is “no evidence personal data has been compromised”.
Disrupted services continue to impede all three councils - which share some IT provisions - after an unspecified “cyber incident” hit around January 18.
The authorities are working in unison with National Cyber Security Centre experts as they investigate the breach.
Large swathes of their websites were knocked offline as technical staff battled to restore crucial services for almost two weeks.
But while initial reports suggested no breach of customer data, the Information Commissioner's Office recently revealed it has received a data breach report from the three authorities.
"We have received breach report forms from three Kent councils who form a three-way partnering service: Thanet District Council, Dover District Council and Canterbury County Council, and will be making enquiries," said spokesperson Rashana Vigerstaff.
In the aftermath, all three council’s websites are slowly being brought back online.
Thanet District Council’s (TDC) planning portal and it’s online forms are working again after going down around January 18.
Issues with forms on Dover District Council’s (DDC) website have now been resolved, but the benefits, council tax and business rates portal are still down.
You still can not apply for or report something in Canterbury, but residents can pay council tax, rent or business rates.
In a joint statement, TDC and DDC said: “Yesterday we started the process to reopen our online systems following some disruption. The majority of systems and forms are now accessible to the public.
"The outcome of our investigation into the security incident so far indicates that there is no evidence personal data has been compromised.
"In our view, it was appropriate to inform the Information Commissioner’s Office as a precautionary measure, while the investigation is underway.
"We have also been working with the experts at the National Cyber Security Centre.”
Canterbury has not confirmed if there was evidence of personal data being leaked but has said its report was also a precautionary measure.
A spokesman stated: “We notified the ICO about the cyber incident we have been experiencing as a precautionary measure and we're keeping them informed of progress while our investigation takes place."