United Kingdom


Prolonged effects of Cyberattack on City of Leicester almost Two Months after Initial Attack

March 7, 2024

The council disabled its phone and computer systems on 7 March after a “cyber incident”. The issue lead to prolonged disruption:
-BBC reports on April 3; 25 stolen documents had been posted online but now a “much larger batch” has been released. Council bosses said the attack on its systems was “highly sophisticated”.
The council said its IT networks were now back online and that a known ransomware group was responsible.
-BBC reports on April 23 : wider effects of the cyberattack continue to show, including a number of street lights that are staying on during the day. “This means we are currently not able to remotely identify faults in the street lighting system. A number of steps are required to resolve the problem, and we are working through these as quickly as we can.” says a city council spokesperson.

INC Ransom claimed responsibility for the attack.

read more

Black Basta Group Claims Ransomware Attack at UK Water Treatment Company

January 23, 2024

Southern Water, a water treatment company serving millions across the United Kingdom, was the victim of a ransomware attack claimed by the Black Basta ransomware gang.

“At this point there is no evidence that our customer relationships or financial systems have been affected. Our services are not impacted and are operating normally,” Southern Water said today. It’s unclear where the root cause of the breach lies. Some documents leaked online are branded with Greensands logos – the parent company of Southern Water.

Black Basta said it stole 750 GB worth of data in total, comprised of personal data and corporate documents, which is consistent with the small sample leaked online.

read more

Lockbit Ransomware Attack Significantly Impacts Owens Group Operations.

November 15, 2023

British logistics company Owens Group has reportedly suffered a significant data security incident. Confidential company data and the sensitive personal information of its drivers, employees, and clients was compromised. LockBit ransomware infiltrated its systems. The ransomware attack has had a significant impact on Owens Group’s day-to-day operations. The encryption of critical files and systems has led to disruptions in logistics planning, supply chain management, and communication channels.

LockBit group says it stole over 700 GB of data. Owens’ data included finance information, such as budget, cash flow, balance sheets, tax returns, project calculations and bank statements, as well as client details including addresses, phone numbers, payment information and contracts, and employees’ personal information like passport scans and contracts.

Owens Group has engaged cybersecurity experts to assess the extent of the breach and work towards a resolution. The company is actively involved in restoring its systems and implementing enhanced cybersecurity measures to prevent future incidents.

read more

No Databreach from Cyberattack at Fulcrum Utility Services in UK

September 27, 2022

Fulcrum Utility Services Ltd – Sheffield-based multi-utility infrastructure and services provider – Says it has recently managed a cyber security incident, after detecting unauthorized activity on its network. The activity has now ceased and the company’s IT systems have been securely reinstated. Adds that the “majority” of its operations were able to continue, however access to managerial and system information has been limited and work is still ongoing to correct this. No data was breached during the cyber attack, Fulcrum notes.

“The Board will provide a further update as and when appropriate,” the company says.

read more

Data Breach at Compass Group Italia

November 27, 2023

A ransomware-type attack recently hit Compass Group Italia. The company manages numerous canteen services in schools throughout Italy. The data that may have been stolen can be sensitive depending on the company branch involved. Compass Group Italia said the company’s operations were not compromised. However, the focus of attention is now on data security, with the company working diligently to ensure that any sensitive information is protected.

The Akira group is suspected to be behind the attack.

read more

Attack on Swedish medical technology provider disrupts municipal British ambulance services.

July 18, 2023

Attack on Swedish medical technology provider disrupts municipal British ambulance services.
Swedish healthcare and medical technology provider Ortivus disclosed a cyber incident that took place on July 18, which affected UK customers using their cloud-hosted MobiMed ePR electronic patient record system. The UK National Health Service (NHS) confirmed the intrusion impacted the ambulance services in several parts of the country, preventing access to patient medical histories by ambulance crews.

read more

Cyberattack Causes Widespread Disruption for Lyca Mobile Customers

September 30, 2023

Lyca Mobile, a British telecom company, faced a network disruption due to a cyber attack over the weekend of September 30 – October 1.
“The issues affected all Lyca Mobile markets apart from the United States, Australia, Ukraine and Tunisia,” the company said. The attack prevented customers and retailers from accessing top-ups. National and international calling was impacted and it raised concerns about potential customer data compromise.

read more

British Library Systems Disrupted for Weeks after Ransomware Attack

October 27, 2023

In late October, the British Library first disclosed it was experiencing an unspecified cybersecurity incident that caused a “major technology outage” across its sites in London and Yorkshire, which downed its website, phone lines, and on-site services, such as visitor Wi-Fi and electronic payments.

Two weeks on, and the British Library outage is still ongoing. However, the organization has now confirmed the disruption is the result of a ransomware attack launched “by a group known for such criminal activity.” The British Library said that some internal data has leaked online, which “appears to be from our internal HR files.”
The British Library said in its latest statement that it could take weeks, or possibly even longer, for it to recover from the ransomware attack.

read more

Edinburgh Trams’ Website offline after Cyberattack

September 28, 2023

Edinburgh Trams said on Thursday it was the victim of a “cyber crime” making the company’s website “inaccessible” to its user base.. The matter was reported to police on Thursday, 28 September, 2023 and enquiries are ongoing.”

Threat intelligence platform FalconFeeds said that international ransomware group NoName was behind the attack, and also targeted Swiftcard and Mersey Ferries Limited.

read more

2020 Phishing Email Cost UK Interserve more than £11M

May 8, 2020

Hackers stole sensitive details on 100,000 people from an outsourcing company named Interserve. The Phishing campaign attackers are unknown and the company offered no additional information. The data stolen is sensitive, including employee names and their addresses, bank details, payroll information, HR records, pension information and much more.

Update August 2023: The Information Commissioner fined Interserve £4.4m in autumn 2022. Interserve was once a FTSE 250 firm but has largely been broken up after collapsing into administration four years ago. Its latest accounts reveal that it spent £7m on ‘professional adviser fees’ following the attack.

read more