A UK local authority has warned citizens to watch out for follow-on scams after it was breached in a ransomware attack discovered earlier this week.
St Helens Borough Council in the north-west of England said it first identified the attack on Monday and reached out immediately to a third-party security firm.
It claimed in a statement seen by Infosecurity that it is continuing to provide services through the council website, although some systems have been disrupted.
“Some internal systems to the council are currently being affected due to the actions we have put in place to prevent any further impact, and whilst a full investigation is undertaken,” the statement noted.
“While we work through this ongoing situation we would recommend that residents are mindful of how to keep themselves safe online and be alert to any communications they may have received from the council.”
In a further message on its website, the council warned locals to watch out for phishing emails impersonating their bank and informing them of a new direct debit. That would suggest that the hackers have access to citizens’ personal information.
“The email will look real, and will include links to click on to confirm your details,” it said. “This email is a fake email known as phishing. Criminals use fake messages to get you to click on links in order to get sensitive information such as your bank details.”
The council said it is working to resolve the incident but added “obviously this is a very complex and evolving situation.”
Local government authorities in the UK and US are a popular target for ransomware actors, as they’re deemed to be less well-resourced than state or national peers.
Sometimes the cost of remediation and restoration of systems can be huge. A breach at Redcar & Cleveland Borough Council is said to have cost the authority over £10m, while a similar incident affecting Hackney Council cost the London borough more than £12m.
By one reckoning, 106 local governments in the US were hit by ransomware in 2022, with data stolen in around a quarter of those incidents.