Ptechhub
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
PtechHub
No Result
View All Result

Glasgow Council services remain offline a week after cyber attack | Computer Weekly

By Computer Weekly by By Computer Weekly
June 26, 2025
Home Uncategorized
Share on FacebookShare on Twitter


Glasgow City Council has become the second local authority in the UK to have disclosed a security incident in the past few days, after multiple online services were knocked out in a cyber attack that may have involved the theft of customer data.

The cyber attack was first detected a week ago, on Thursday 19 June, after council IT supplier CGI found evidence of “malicious activity” on servers managed via an as-yet-unnamed third-party.

The affected servers were taken offline, but naturally, the act of isolating these systems has left the council unable to operate its usual range of online public services effectively.

Currently, online planning application services, penalty charge notices, appeals and payments, registrar appointment bookings, and online revenue and benefit callback appointment bookings are inaccessible. Glasgow Council employees and ex-employees are also unable to access the council’s pension fund portal, Strathclyde Pension Fund Online.

Additionally, Glasgow Council revealed, online forms and calendars relating to multiple other services are also unavailable, including sign language interpretation services, freedom of information (FoI) requests, bin collection calendars, school absence reporting and complaints.

Glasgow Council confirmed an investigation is underway, with assistance from Police Scotland, the Scottish Cyber Coordination Centre (SC3) and the wider National Cyber Security Centre (NCSC).

“Glasgow City Council apologises for the anxiety and inconvenience this incident and the necessary response to it will undoubtedly cause,” the council said in a statement.

“At this stage, we can’t confirm whether data has actually been removed, and if so, what that data is, [but] as a precaution, we are operating on the presumption that customer data related to the currently unavailable web forms may have been exfiltrated, and we have contacted the Information Commissioner’s Office (ICO) on this basis.

“No council financial systems have been affected in this attack and no details of bank accounts or credit [or] debit cards processed by those systems have been compromised.”

The council is advising employees and residents to be particularly cautious about contact from anybody claiming to represent it until it can confirm whether or not there has been a data leak. It stressed that in instances in which it does need to communicate via email, it will never ask for any bank account details or passwords.

The incident in Glasgow comes hot on the heels of a cyber attack on Oxford City Council, which took place earlier in the month but went undisclosed until 19 June. This incident seems to have been largely contained, but appears to have resulted in the theft of historical personal data related to election workers.

Uncomfortable truth

Though no connection between the two attacks has been discovered or should be inferred, the incidents highlight an uncomfortable truth that local authorities across the UK are incredibly vulnerable, according to Jamf’s senior security strategy manager for EMEA, Adam Boynton.

“Local councils are the beating heart of our communities, and cyber criminals know it. When you combine sensitive personal data, ageing infrastructure and a sprawling network of third-party suppliers, you create the perfect storm for targeted cyber attacks,” he said.

“Public sector security is only as strong as its weakest vendor. In today’s threat landscape, it is no longer enough to secure your own perimeter. Councils must extend their security posture across the entire digital supply chain,” added Boynton.

“That means more than ticking boxes. It means enforcing secure-by-default configurations, mandating multifactor authentication, and ensuring suppliers uphold the same patching and monitoring standards expected internally.

“We need to move from reactive clean-up to proactive, enforced resilience. That starts with treating third-party risk as first-party responsibility and embedding cyber security as a foundational part of public sector procurement and governance.”



Source link

By Computer Weekly

By Computer Weekly

Next Post
Data center vacancy rates hit record low

Data center vacancy rates hit record low

Recommended.

Here Are The Biggest Moves 20 MSP 500 Executives Made In The Last Year To Drive Success

Here Are The Biggest Moves 20 MSP 500 Executives Made In The Last Year To Drive Success

February 12, 2026
WYRED LAUNCHES KYRO, A REVOLUTIONARY CONNECTIVITY MODEL DESIGNED FOR INDUSTRIAL OPERATIONS

WYRED LAUNCHES KYRO, A REVOLUTIONARY CONNECTIVITY MODEL DESIGNED FOR INDUSTRIAL OPERATIONS

April 2, 2025

Trending.

CELLCOM ISRAEL LTD. Announcement of A Special General Meeting of The Shareholders of The Company

CELLCOM ISRAEL LTD. Announcement of A Special General Meeting of The Shareholders of The Company

May 21, 2025
Veeam Debuts Data Resiliency Maturity Model To Assess, Improve Customers’ Cyber Resiliency

Veeam Debuts Data Resiliency Maturity Model To Assess, Improve Customers’ Cyber Resiliency

April 23, 2025
Insurance Modernization at Risk as Workforce Strategies Fall Behind, Says Info-Tech Research Group

Insurance Modernization at Risk as Workforce Strategies Fall Behind, Says Info-Tech Research Group

May 8, 2026
VNET Wins 40MW Wholesale Order from Leading Internet Company for Its New Strategic IDC Campus

VNET Wins 40MW Wholesale Order from Leading Internet Company for Its New Strategic IDC Campus

September 11, 2025
OpenTable Launches All-in-One Marketplace for Private and Group Dining

OpenTable Launches All-in-One Marketplace for Private and Group Dining

September 16, 2025

PTechHub

A tech news platform delivering fresh perspectives, critical insights, and in-depth reporting — beyond the buzz. We cover innovation, policy, and digital culture with clarity, independence, and a sharp editorial edge.

Follow Us

Industries

  • AI & ML
  • Cybersecurity
  • Enterprise IT
  • Finance
  • Telco

Navigation

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Subscribe to Our Newsletter

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Copyright © 2025 | Powered By Porpholio

No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs

Copyright © 2025 | Powered By Porpholio