Oxford City Council warns it suffered a data breach where attackers accessed personally identifiable information from legacy systems.
The incident has also caused an ICT service disruption, as announced on the website, and although most of the impacted systems have been brought back online, the remaining backlogs may continue to cause delays.
Oxford City Council is the local government authority responsible for managing critical public services, such as housing, planning, waste collection, environmental health, and elections, in Oxford, England.
The authority serves a population of around 155,000 residents, but its influence extends further due to the city’s international prominence through the University of Oxford, tourism, and research institutions.
A statement on its website explains that attackers gained unauthorized access to some of its systems and databases, which host personal information.
Based on the preliminary investigation, the impacted system contained information on former and current Council officers between 2001 and 2022.
“Unfortunately, the attackers were able to access some historic data on legacy systems,” reads the statement published on the Oxford City Council website.
“We have now identified that people who worked on Oxford City Council-administered elections between 2001 and 2022, including poll station workers and ballot counters, may have had some personal details accessed.”
The statement claims there’s no evidence that the exposed data has been further disseminated. Also, there’s no mention of citizen data having been compromised.
BleepingComputer has contacted Oxford City Council to specify if citizen data was stored in the accessed databases, and we will update this post with their response.
The organization says the investigation into the incident is still ongoing, and no signs of mass data extraction have been unearthed as of yet.
Oxford City Council says it has begun individually notifying those confirmed to be affected, providing details about the incident, available support resources, and assurances of strengthened security measures to prevent future breaches.
Also, the relevant government authorities and law enforcement agencies have been notified accordingly.
Patching used to mean complex scripts, long hours, and endless fire drills. Not anymore.
In this new guide, Tines breaks down how modern IT orgs are leveling up with automation. Patch faster, reduce overhead, and focus on strategic work — no complex scripts required.
Source link
-
-
-
-
-
-
-
-
