In recent developments, three local councils in the UK—Canterbury, Dover, and Thanet—are grappling with persistent disruptions to their online services, a week after confirming a cyberattack that knocked some systems offline. These councils, located in the UK county of Kent and collectively serving almost 500,000 residents, jointly announced an investigation into an unspecified “cyber incident” affecting council tax payments and online forms.
UK councils launch investigation into the incident
Initial statements from Robert Davis, a spokesperson for Canterbury City Council, suggested that no customer data was accessed during the cyberattack. However, the UK‘s Information Commissioner’s Office (ICO) has received a breach report from the three councils, prompting further inquiries to determine the extent of the breach. This raises questions about the incident’s nature and whether personal data has been compromised.
EKS provides various IT and HR services, including payments, benefits, and debt recovery for all three councils. Last week, reports surfaced that some payment systems of Canterbury City Council, provided by EKS, were unavailable. EKS’s website has been offline for at least seven days, and the company has not issued a public statement regarding the cyberattack. Security researcher Kevin Beaumont’s Mastodon post noted that EKS’s Pulse Secure VPN server is offline, indicating a potential connection to the exploitation of two critical zero-day vulnerabilities in Ivanti’s corporate VPN appliance.
The extent of disruptions in critical local government services
Despite these insights, the exact nature of the cyberattack remains unknown, and EKS has yet to provide details or issue a public response. The incident’s repercussions are significant, disrupting hundreds of thousands of individuals in Kent. UK council Canterbury City’s online services, including applications, reports, and payments, remain inaccessible. Residents are unable to apply for services or report issues online, compounding the inconvenience caused by the cyberattack. Dover District Council is also facing technical difficulties, particularly in its benefits, council tax, and business rates portal.
While issues with online forms have been resolved, various systems are still affected, posing challenges for both the council and residents. In a proactive move, Thanet District Council has limited access to several online systems following reports of a potential security incident. The council is actively managing the situation to mitigate risks and protect sensitive information. Their statement acknowledges the limitation of access to certain online services, emphasizing a cautious response to the evolving security situation.
It is important to note that UK councils Canterbury and Thanet clarified that their affected IT services, including online forms and planning applications, are not provided by Civica. A spokesperson for Civica, Fintan Hastings, reassured that Civica’s systems were unaffected by the cyberattack. The spokesperson also mentioned that the firm has never provided any service to the councils affected. However, Civica has maintained that it will continue to provide support to affected customers if they ask for it. The firm also added that it will render its assistance in any way to ensure that the impact is minimized for them and the citizens that they serve.
A Step-By-Step System To Launching Your Web3 Career and Landing High-Paying Crypto Jobs in 90 Days.