Redcar and Cleveland Council expelled public and press from council meeting discussing ransomware outbreak

Public and press thrown-out of resources committee meeting last week because ‘sensitive’ information about ransomware attack would be discussed

Redcar and Cleveland Borough Council expelled members of the public from a council meeting last week where the organisation's recent ransomware attack would be discussed.

The move was made on the request of officials at the council who claimed that they could not answer councillors' questions in public because ‘sensitive' information would be discussed.

Labour councillor Sue Jeffrey had wanted to know what business processes remained down, according to the Northern Echo.

"I've got a range of questions chair, I'd like to be able to ask them. The first question is just wanting to understand what business processes are currently unavailable.

"So things like house searches, the planning portal, registration, building and control - all those sorts of things - access to historical files, regeneration projects, financial transactions.

"Could you give me a run down on what we currently don't have available, please, to the public on those systems?" she asked.

However, Steve Newton, assistant director of governance, requested that the chamber should be cleared of press and public before answering councillors' questions.

He argued that the move to bar members of the public and press from the resources committee meeting was justified because ‘sensitive' information would be discussed, adding that there was currently a criminal investigation, led by the National Crime Agency, into the cyber attack.

Committee chairman, Councillor Chris Massey proposed that the press and public be excluded on the grounds of confidentiality - a move approved by the committee.

IT systems at the Council were taken down on 8^th February by the ransomware attack and many systems have stayed down since then.

It was two days until the local authority admitted that it had been subjected to a "cyber attack", forcing staff to return to manual processes, and two weeks until it admitted that the cyber attack was, in fact, ransomware. Throughout the whole affair, the Council has provided barely any information to the public.

According to the Local Democracy Reporting Service, the Council has not paid the demanded ransom, although the Council itself has refused to answer this question.

And while the Council has remained tight-lipped, Councillor Lanigan has claimed that it has "built a new server and website, and mobilised a temporary call centre" in response, but added that "it may be some time before our IT capabilities are fully restored which may mean frustration for the public in dealing with us administratively".

Redcar and Cleveland Borough Council's minimal-information approach to its ransomware attack mirrors that of Travelex, which was attacked on New Year's Eve. Its systems remained down for more than a month. Like Redcar and Cleveland Council, it claims no personal information has been compromised, but unlike Travelex it did notify the Information Commissioner's Office (ICO) of the data breach within the 72-hour deadline.