Hackney Council Data Breach Update
In October 2020, we reported the data breach involving Hackney Council where, at the time, there were few details regarding the exact nature and extent of the incident.
Since then, there have been a number of updates. On January 7, it was reported that the data stolen in the initial cyber-attack was published on the dark web for extortion purposes.
The criminal group known as Pysa/Mespinoza by security researchers claim to be responsible for publishing the data. Though it has not been officially verified, the stolen documents are thought to contain sensitive information, with file titles such as ‘passportsdump’, ‘staffdata’ and ‘PhotoID’.
Following the recent developments, the council is continuing to collaborate with the Metropolitan Police, National Cyber Security Centre (NCSC), National Crime Agency (NCA) and the Information Commissioner’s Office (ICO) to establish exactly what has been published.
The Mayor of Hackney Council, Philip Glanville, has announced that anyone affected by the data breach would be contacted directly.
In a statement, Mr Glanville said:
“I fully understand and share the concern of residents and staff about any risk to their personal data, and we are working as quickly as possible with our partners to assess the data and take action, including informing people who are affected,”
A spokesperson for the NCA said: “We are aware that information has been published online as a result of a cyber incident affecting Hackney Borough Council. NCA officers are working closely with the council and the Metropolitan Police Service to manage any risk.”
If you have already been contacted by Hackney Council to inform you that you have been affected by the breach, or you have strong reason to believe your data has been compromised, you may be entitled to compensation.
At Hayes Connor, we are ready to advise anyone who has been affected by the Hackney Council data breach. To find out more, please get in touch.