ICO informed of council email hack

Written by Colin Marrs on 13 July 2015 in News

The government’s information watchdog is investigating a cyber attack on City of Edinburgh Council which saw hackers steal 13,000 customer email addresses.

The council said last week that it has informed the ICO about the breach, which led to the council resetting all affected accounts.

A statement from the council said that no council services were affected and no other personal data was taken during the attack which took place on 26 June.

A spokesman said: “"We are contacting everyone who has been affected to inform them of the incident and offer them advice and support.

"The Information Commissioner's Office has been informed and preventative measures have been taken by the web service providers.

"We want to reassure the public the ongoing security of our website is critically important, and we continue to work with our service providers to ensure that the risks associated with attacks are dealt with."

In a blog post, professor Bill Buchanan of Edinburgh Napier University said: “At a first look, the hack involving City of Edinburgh Council reported earlier this week doesn't look too serious as there does not seem to be any passwords involved. All that has been revealed is email addresses, which can often be gained from other sources.

“The only threat would be in spear phishing of users with council-related emails, but the users involved probably will be wary of any emails sent from the council anyway.”

But he said that the public sector was struggling to keep up with the pace of increasing ICT integration and properly supporting it.

In 2011, the financial details of people who came to the council for debt advice were exposed.

Share this page



Please login to post a comment or register for a free account.

Related Articles

MoD appoints £2m cyber specialist to test Army IT vulnerabilities
23 September 2022

Firm will be asked to assess existing and new tech platforms 

Government reveals ambition to drastically reduce cybercrime
21 September 2022

Consultation launched on how to ‘reduce the security burden on citizens’

Brexit: ‘No known data breaches’ of EU citizens’ digital status since programme launch, minister claims
20 September 2022

Home Office databases have not been compromised, according to Tom Pursglove

No conflict over Michael Keegan’s roles, says Cabinet Office
7 September 2022

Crown representative for BAE Systems and non-executive director of government supplier will avoid conversations on bidding