London Councils Hit by Major Cyberattacks
▼ Summary
– Multiple London councils including Kensington and Chelsea and Westminster are responding to a serious cybersecurity incident discovered on Monday morning.
– The councils have notified the UK Information Commissioner’s Office and are working with the National Cyber Security Centre to restore affected systems.
– Shared IT systems between Kensington and Chelsea, Westminster, and Hammersmith and Fulham councils likely caused simultaneous impact across these organizations.
– London councils are frequent ransomware targets due to under-resourced legacy IT systems and limited cybersecurity expertise.
– A security expert warned that without investment in modern defenses, 2026 could bring significant disruptions to UK digital services from AI-driven threats.
Several London boroughs are currently grappling with a severe cybersecurity breach that has disrupted their digital operations. The Royal Borough of Kensington and Chelsea (RBKC) and Westminster City Council (WCC) confirmed they are jointly managing an incident first detected on Monday. Both councils have alerted the UK Information Commissioner’s Office and are coordinating closely with the National Cyber Security Centre to address the situation.
A number of essential systems have been affected, including telephone services. RBKC advised residents with emergencies to refer to the contact numbers listed at the top of their official webpage. Additional staff have been assigned to handle communications and monitor emails and phone lines, while business continuity and emergency protocols have been activated to maintain vital services, especially for vulnerable individuals.
IT teams worked overnight to implement what RBKC described as “a number of successful mitigations.” The two councils share various IT systems and services, which likely contributed to the simultaneous impact. Hammersmith and Fulham Council, which also shares IT infrastructure with RBKC and WCC, appears to be affected by the same incident.
Although Hackney Council was not directly targeted this time, it reportedly elevated its internal cybersecurity threat level to critical and issued a staff memo warning against potential phishing attempts. RBKC committed to continuing its collaboration with cybersecurity specialists and the NCSC to restore full system functionality as quickly as possible, promising further updates when available.
London’s local authorities have become frequent targets for ransomware groups in recent years. Many councils operate with limited resources, leaving older IT systems inadequately protected and creating a shortage of cybersecurity expertise. Such vulnerabilities can severely impact public services, as demonstrated by Hackney Council’s 2020 ransomware attack and data breach, which compromised information belonging to at least 280,000 residents.
That incident resulted in recovery costs exceeding £12 million and led to a formal reprimand from the ICO. Spencer Starkey, SonicWall’s EMEA Vice President, warned that threat actors will likely continue targeting government bodies to undermine public trust in digital services. He emphasized that in today’s interconnected digital economy, a breach in one area can create widespread disruption. Without major investments in modern security measures, especially those capable of defending against AI-powered threats, the UK could face serious disruptions affecting millions of people and businesses in the near future.
(Source: Info Security)
