Exposed Hackney Council data published online by hackers

In October last year, Hackney Council announced a data breach after suffering what was described as a severe cyberattack from an unknown source. In the ensuing confusion, the council joined forces with the National Cyber Security Centre in an endeavor to judge the scale of the attack and find its source. It has since been revealed that hackers may have published files that reportedly come from exposed Hackney Council data.

The news is undoubtedly unnerving to those affected, and no one can be sure whether their data has been affected or not. As Hackney Council struggles to get a handle on the breach, leading firm Your Lawyers – The Data Leak Lawyers – are taking on claims for anyone who may have been affected by the leak.

The Hackney Council data leak – what happened?

Following the identification of an attack on their computer system, the Hackney Council data breach was reported to the Information Commissioner’s Office (ICO). It has since been found that the breach involved a ransomware attack, after a hacker group published exposed files on a dark-net website, assumedly for the purposes of blackmail and extortion. Hackney Council is currently investigating the published data, but the file names seem to suggest that there is sensitive information in there. They are reported to have been labelled “passportsdump”, “PhotoID” and “staffdata”. This suggests passport information and employee details are at risk.

Hackney Council appears to have not established the scale of the breach, and they may not yet have been able to properly identify all who may have been affected. It is unlikely that the council has given in to ransom demands, given the risks of this approach, and there is little sign of further progress in their investigation. While a spokesperson has issued a statement assuring residents that “the vast majority of sensitive or personal information” does not appear to have been affected, this reassurance may be of little value given the potential risk to Hackney Council data that may have been exposed.

The dangers of a ransomware attack

Organisations affected by a ransomware attack can effectively be in a ‘lose-lose’ situation. If they don’t give in to ransom demands, they may have little chance of recovering the data. However, if they do pay a ransom, they may have no guarantees as to whether hackers will honour their side of the bargain.

Of course, most choose not to pay ransoms, and this is recommended by the National Cyber Security Centre.

As a result of the Hackney Council data leak, affected parties may have their information abused by cybercriminals intent on fraud and theft. In addition, the passport information that is alleged to have been included in the leak could be used for identity fraud. The stolen data could be sold on to any number of criminals, intensifying the potential security risks further.

Claiming for a data leak

As highlighted above, the dangers of the Hackney Council data leak could be severe, which is why we encourage anyone affected to come forward and make a claim. If Hackney Council has notified you that your information was affected in the cyberattack, and you have since suffered fraud attempts, theft or emotional distress, you may be eligible to claim compensation.

As a leading firm in the niche area of data breach law, we have helped thousands of clients to recover the compensation that they deserve, and we may be able to help you too.

Contact us today for free, no-obligation advice on your right to claim.

Data breaches and payment card fraud

The dangers of ignoring cyberattacks