Glasgow City Council hit by major cyber attack as warning issued over customer data theft

The local authority released details of the incident on Wednesday, saying the attack was disrupting a number of online services.

The council’s ICT supplier CGI discovered the cyber threat on servers managed by a third-party supplier on Thursday last week.

The breach is being investigated by Police Scotland and the National Cyber Security Centre, alongside the Scottish Cyber Coordination Centre.

For the best news from home, subscribe to the Scotsman daily newsletter

A statement issued by the council said: “In the meantime, taking affected servers offline has disrupted a number of our day-to-day digital and online services.

“This includes viewing and commenting on planning applications; paying penalty charges for parking or bus lane contraventions; reporting school absences, and ordering certificates from city registrars.

“Some online diaries and calendars are not available – for example, household schedules for bin collections. Members of Strathclyde Pension Fund are not currently able to access the SPFOnline portal.

“The loss of web-based services has been caused by the isolation of the servers, rather than the cyber incident.”

The statement added: “No council financial systems have been affected in this incident and no details of bank accounts or credit/debit cards processed by those systems have been compromised.”

A city council spokesperson apologised for "the anxiety and inconvenience this will undoubtedly cause". The spokesperson said customers should check online for updates on what services were available.

The incident comes after West Lothian Council was first alerted to a ransomware attack targeting its education network on May 6. All West Lothian schools - 68 primary, 13 secondary and five special needs schools - were affected by the incident.

A separate cyber attack on schools in Edinburgh last month left students locked out of online learning materials ahead of key exams.

The breach was described as "spear-phishing" - a targeted form of phishing where fraudulent emails target specific organisations in an effort to gain access to confidential information.

Edinburgh City Council took the decision to reset passwords for all users as a “precautionary measure”, leaving staff and students unable to log into the network until they reset their password on their return to school.

The council confirmed no data had been compromised as a result of the attack.

NHS Dumfries and Galloway was another agency hit by a cyber attack last year, with the health board saying at the time a “significant quantity” of data had been put at risk and services could potentially be disrupted.

The Scottish Government subsequently offered help to the health board.

Anyone contacted by someone claiming to have their data is advised to contact Police Scotland on 101 or call the Cyber Incident Response Helpline on 0800 1670 623.