Hackney Council stolen data published on dark web forum

Pysa ransomware group has claimed the responsibility for the cyber attack launched last year

Cyber criminals who launched a ransomware attack on Hackney Borough Council in October have published on a dark web forum what they claim to be documents from the council.

Operators of Pysa (or Mespinoza) ransomware said they were behind the cyber attack which disrupted the Council's online services and left many of its systems inoperable four months ago.

In a statement on its website, the Council said that only a 'limited set' of data has been released which is easily findable. It added that the vast majority of the sensitive or personal data it held remained unaffected during the attack.

"Hackney Council has been made aware that data stolen in October's cyber attack has been published by the organised criminals responsible for the attack," the statement reads.

"The experts supporting the Council believe that this is a limited set of data, it has not been published on a widely available public forum, and is not visible through search engines on the Internet."

The Council added that it was working closely with the National Crime Agency, the National Cyber Security Centre, the Metropolitan Police, the Information Commissioner's Office and private security experts to establish what information has been published by the hackers.

Some media reports claimed that the data dump appears to contain a large amount of sensitive information, including passport data, staff data, photo IDs, scans of tenancy audit documents for public housing tenants, and information on community safety.

Hackney mayor Philip Glanville said it was shameful that hackers deliberately attacked Hackney Council amid pandemic to disrupt services and to steal data relating to the staff and residents from the Council's systems.

"Now, four months on, at the start of a new year and as we are all responding to the second wave, they have decided to compound that attack and now release stolen data," Glanville added.

"Working with our partners, we will do everything we can to help bring them to justice," he said.

In October, Hackney Borough Council first disclosed that it had fallen victim to a cyber attack that disrupted many of its services and IT systems.

At the time, Glanville said that their priority was to protect the data from cyber actors and to focus on delivering essential frontline services, especially to their most vulnerable residents.

Nearly four months later, many of the Council' services still remain disrupted, and Hackney has failed to give any timeline for when it will be able to fully restore hem.

The disruption in services has also derailed house purchases in Hackney.

"It's extremely frustrating as the hack has ruined our plans and cost us money that we'll never get back," a resident told the BBC.

"The sale of our property fell through because our buyer wasn't able to carry out a search on our house so couldn't get a mortgage."

"Subsequently we lost the house we were planning on buying and had already spent more than £1,000 on a survey for. We were hoping to have the house sorted in time to make use of the stamp duty holiday, but that's not looking likely."