Countering Cyber Threats: Leicester City Council's Stand Against INC Ransom Group

Incident Date: April 3, 2024

Overview

Victim: Leicester City Council

Attacker: INC Ransom

Location: Leicester, United Kingdom

First Reported: April 3, 2024

Leicester City Council Suffers Ransomware Attack by INC Ransom Group

Overview

Leicester City Council, a local authority in the United Kingdom, has been targeted by the ransomware group INC Ransom. The group claimed the attack on its dark web leak site, where it shared residents' passport details. According to its website, the council operates in the government sector.

Ransomware Attacks and Impact

Leicester City Council is a significant organization serving the local community in Leicester, England. It provides a range of services, including child protection, adult social care safeguarding, and homelessness support. The attack has affected several critical services, causing disruptions and forcing the council to shut down its IT systems as a precaution.

The incident is part of a broader trend of disruptive cyberattacks affecting local authorities, with 67 ransomware attacks recorded in the first three quarters of 2023 compared to 13 during the whole of 2022. The attack on Leicester City Council follows a similar incident at NHS Dumfries and Galloway, which was also claimed by INC Ransom.

INC Ransom is known to operate a double extortion model: it steals data before deploying the ransomware locker. This suggests that the council may have been targeted because of the sensitive data it holds, which could be used for extortion.

The incident is still ongoing, with the council working to recover its systems and restore services. The council has not yet confirmed whether any data was compromised during the attack.
