City’s local authority reveals that services were disrupted as a result of systems being disabled following successful attack, in which information on council officers and contingent support workers was breached
Oxford City Council has revealed that cyberattackers are believed to have gained access to the personal information of people who worked on elections administered by the authority over a period of more than 20 years.
In a public statement yesterday, the council announced that it was “subject to a cybersecurity incident over the weekend of 7/8 June”.
During the incident – in which “an unauthorised presence was detected within our network” – intruders “were able to access some historic data on legacy systems”.
The authority added: “We have now identified that people who worked on Oxford City Council-administered elections between 2001 and 2022, including poll station workers and ballot counters, may have had some personal details accessed. The majority of these people will be current or former Council officers. There is no evidence to suggest that any of the accessed information has been shared with third parties.”
Explorations are ongoing with the aim of ascertaining “as precisely as we can what was accessed and what, if anything, might have been taken out of our systems” – although the statement asserted that “there is no evidence of a mass download or extraction of data”.
Related content
- All election candidates offered cyber protection support
- Cross-public sector cyber duties moved into GDS
- DCLG cybersecurity leader urges councils to prepare for inevitable election attacks
All those who may have been affected have been contacted directly by the council to inform them of the incident, what remedial steps have since been taken, and what support is being offered to possible victims.
“We know how important it is to protect the information we hold,” the statement said. “We take that responsibility extremely seriously, and this unlawful breach of council systems is deeply regrettable for all impacted. We have already taken action to prevent any further unauthorised access to our systems, and we have reported the incident to the relevant government authorities and law enforcement agencies. A full investigation into the incident is ongoing.”
According to Oxford, once the attack was first detected “our automated security systems kicked in, removed the presence and minimised the access the attackers had to our systems and databases”.
“We then rapidly deployed external cybersecurity specialists to support us and proactively took down each of the council’s main systems to carry out full security checks and investigate the incident,” the authority added.
This response cause some service disruption last week, but “most of our systems are now safely up and running again, and the remaining systems should be back online this week”.
The council said: “As a result of these precautionary checks, we can confirm that the council’s email systems and wider digital services remain secure and safe to use.”
