Authority turned off IT and phone systems on Thursday after a possible attack and, in an update on Monday, added that recovery process will not begin until at least midweek

Leicester City Council believes it could take a week or more to get its IT and telephone systems back in action following a potential cyberattack last week.

The council first revealed on Friday that it had suffered a “cyber incident” the previous day, following which its “IT systems and phone lines have been temporarily shut down as a precaution”, while an investigation took place.

In an update published on Monday (11 March), the authority indicated that “we expect that it will take until at least the middle of the week before we will be able to start the recovery process” and begin turning systems on again, according to strategic director of city developments and neighbourhoods Richard Sword.

This process will begin with Leicester’s “most critical services”, he added.

Related content

• Capita admits possible compromise of customer data during cyberattack
• Hebridean council works on data recovery following cyberattack
• Cyber Security Week: Analysis – how and where are attackers getting in?

“Over the weekend we have continued to work with our cybersecurity and law-enforcement partners, as well as learning from other councils who have had attacks, to identify the nature of the incident and the steps we need to take to get our systems back online,” Sword said. “We apologise for the inconvenience this is causing. Council officers are working hard to ensure that our frontline services continue to operate with the minimum of disruption. Advice and assistance is still available on our website at Leicester.gov.uk, and we have today set up more emergency phone lines in addition to those established last Thursday. These numbers are to aid those who need urgent assistance and not for general enquiries.”

The council has not provided details of the nature of the incident but, in Monday’s update, it referred to itself as being “the latest of a number of local authorities to be affected by cyberattacks” in recent months.

Announcing the attack last week, Sword said that the council would be “liaising closely with the experts at the National Cyber Security Centre and law enforcement partners as part of our investigations”. It is impossible to say how long such investigations might take, he added.