Cyberattack disrupts services across multiple London boroughs

Shared council systems in London have been disrupted by a cyberattack now under review by security agencies.
London councils are investigating a cyber attack that disrupted shared systems and prompted support from the NCSC.

Multiple London councils are responding to a cyberattack that has disrupted shared IT systems and raised concerns about data exposure. Kensington and Chelsea and Westminster councils detected the incident on Monday and alerted the Information Commissioner’s Office as investigations began.

The councils say they are working with specialist incident teams and the National Cyber Security Centre (NCSC) to protect systems and keep key services running. Several platforms have been affected, and staff have been redeployed to support residents through monitored phone lines and email channels.

Hammersmith and Fulham, which shares IT services with the affected councils, has also reported disruption. Local leaders say it is too early to confirm who was responsible or whether personal data has been compromised. Overnight mitigation work has been carried out as monitoring continues.

Security researchers describe indications of a serious intrusion involving lateral movement across shared infrastructure. They warn that attackers may escalate to data theft or encryption, given the sensitivity of the information held by local authorities.

National security agencies and police are assessing the incident’s potential impact. Analysts say the attack highlights long-standing risks facing councils that manage extensive services on limited budgets and with inconsistent cyber safeguards.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!