Hackney Council Data Breach Update

  • Posted on

In October 2020, we reported the data breach involving Hackney Council where, at the time, there were few details regarding the exact nature and extent of the incident.

Since then, there have been a number of updates. On January 7, it was reported that the data stolen in the initial cyber-attack was published on the dark web for extortion purposes.

The criminal group known as Pysa/Mespinoza by security researchers claim to be responsible for publishing the data. Though it has not been officially verified, the stolen documents are thought to contain sensitive information, with file titles such as ‘passportsdump’, ‘staffdata’ and ‘PhotoID’.

Following the recent developments, the council is continuing to collaborate with the Metropolitan Police, National Cyber Security Centre (NCSC), National Crime Agency (NCA) and the Information Commissioner’s Office (ICO) to establish exactly what has been published.

The Mayor of Hackney Council, Philip Glanville, has announced that anyone affected by the data breach would be contacted directly.

In a statement, Mr Glanville said:

“I fully understand and share the concern of residents and staff about any risk to their personal data, and we are working as quickly as possible with our partners to assess the data and take action, including informing people who are affected,”

A spokesperson for the NCA said: “We are aware that information has been published online as a result of a cyber incident affecting Hackney Borough Council. NCA officers are working closely with the council and the Metropolitan Police Service to manage any risk.”

If you have already been contacted by Hackney Council to inform you that you have been affected by the breach, or you have strong reason to believe your data has been compromised, you may be entitled to compensation.

At Hayes Connor, we are ready to advise anyone who has been affected by the Hackney Council data breach. To find out more, please get in touch.

What to do if you are worried about the Hackney Council data breach

If you have been affected by the Hackney Council data breach, then the council should have contacted you to inform you of the situation. If you are yet to hear from them and you have concerns that your data is at risk, then you should get in touch with them directly.

As it has already been confirmed that the data has been shared on the dark web, cybercriminals may have an opportunity to use it for fraudulent purposes.

It is therefore vital to be vigilant of any emails, phone calls or communication from anyone claiming to represent Hackney Council. These could be ‘phishing attacks’ which are designed to extract further personal information from you, such as your bank details.

To minimise the risk of your data being used by cybercriminals, there are a number of steps you can take. To find out more, read our comprehensive guide to what to do if your data has been stolen in a data breach.

You may also want to consider whether you are entitled to compensation following the Hackney Council data breach. This is something the team at Hayes Connor will be able to help you with.

How Hayes Connor can help you claim compensation for the Hackney Council data breach

Any organisation that holds your personal data is legally obliged to keep it secure and out of the hands of cybercriminals. This means, if a data breach occurs, the people affected will likely have grounds to claim compensation.

Hayes Connor has one of the largest teams of data breach specialists in the country, with a wealth of combined experience, so are well placed to provide sound advice if you believe your data has been exposed.

Our expert team will provide tailored advice to help clarify whether you have grounds to make a claim, how the claims process will work and the level of compensation you may be entitled to.

Our aim is to make sure that anyone affected by a data breach is able to access the compensation they deserve, while simultaneously making the claims process as straightforward as possible.

You can find out more about our expertise and how we handle data breach claims here.

To start a claim, you can use our online claim form.

To speak to a member of our team, please do not hesitate to give us a call on 0330 041 5137.