Ethical Hacking News
Glasgow City Council's digital services have been disrupted by a cyberattack, leaving residents uncertain about the status of their data. The attack, which started on June 19, 2025, has resulted in the council taking steps to protect its systems and prevent further damage.
Glasgow City Council's digital services have been severely disrupted following a cyberattack. The attack is believed to have started on June 19, 2025, and has resulted in the council's ICT supplier discovering malicious activity on servers managed by a third-party supplier. A number of the council's day-to-day digital services are currently unavailable, including application for footway crossings, bin calendars, and permit applications. The council has warned residents that suspected stolen data may include information from affected web forms and is advising people to be cautious of potential phishing attacks. The attack highlights the growing threat of supply chain attacks and the importance of cybersecurity awareness and education.
Glasgow City Council has been left reeling after a cyberattack on its digital services, leaving a trail of disruption and uncertainty in its wake. The attack, which is believed to have started on June 19, 2025, has resulted in the council's ICT supplier, CGI, discovering malicious activity on servers managed by a third-party supplier.
The council has confirmed that it is conducting an investigation into the incident, working closely with Police Scotland, the Scottish Cyber Coordination Centre (SC3), and the National Cyber Security Centre. The investigation is ongoing, but it is clear that the attack has had far-reaching consequences for the council's digital services.
A statement from the council reads: "Early in the morning of Thursday 19th June 2025, the council's ICT supplier CGI discovered malicious activity on servers managed by a third-party supplier. We are conducting an investigation into the incident, alongside Police Scotland, the Scottish Cyber Coordination Centre (SC3) and the National Cyber Security Centre."
In the meantime, taking affected servers offline has disrupted a number of the council's day-to-day digital and online services. The list of unavailable services includes application for footway crossing (dropped kerbs), bin calendar, certificate online (births, deaths, marriages), comments and compliments, complaints, council diary, elections, FOI requests, future processions, Glasgow film office location library, permits, planning enforcement, planning statutory enforcement, public processions, pupil absence, sign language interpreter service (SLIS), taxi complaints form, and payment and appeals portal for parking tickets.
The council has warned customers that the suspected stolen data may include information from these web forms, and it is urging residents to be wary of potential phishing attacks using the data that may or may not be stolen. The council is advising anyone who has used any of the affected forms to be particularly cautious about contact claiming to be from Glasgow City Council.
In addition to the disruptions to its digital services, the council has also been forced to take steps to protect its systems and prevent further damage. Defenders have isolated systems, which has resulted in all of the above services remaining unavailable due to this measure, rather than as a direct result of the attack itself.
The council's decision to operate on a precautionary basis, assuming that data has been stolen, is a clear indication of the severity of the situation and the potential consequences for its residents. The council's ICT supplier, CGI, has also issued a statement, stating that they are working closely with Glasgow City Council and the relevant authorities on this incident.
"CGI is working closely with Glasgow City Council and the relevant authorities on this incident," said a CGI spokesperson. "We take our cybersecurity obligations seriously and have robust protocols in place to identify, investigate, and remediate incidents to support business continuity for our clients."
The cyberattack on Glasgow City Council is just the latest example of the growing threat of supply chain attacks. Supply chain attacks are becoming increasingly common, with organizations 'flying blind' about their dependencies and leaving them vulnerable to attack.
The attack on Glasgow City Council has also highlighted the importance of cybersecurity awareness and education. The council's warning to residents about potential phishing attacks using stolen data is a clear reminder that cybersecurity is not just the responsibility of IT teams, but a collective effort that requires everyone's attention and vigilance.
In recent years, local authorities and public sector organizations in the UK have been targeted by cyberattacks, resulting in significant disruptions to their digital services. The attack on Glasgow City Council is just the latest example of this trend.
Despite the challenges posed by these attacks, there are steps that can be taken to prevent them. Organizations can take proactive measures to identify and mitigate risks, implement robust cybersecurity protocols, and educate employees about the importance of cybersecurity awareness.
In conclusion, the cyberattack on Glasgow City Council has had far-reaching consequences for its digital services, leaving residents uncertain about the status of their data and the potential impact of the attack. The council's decision to operate on a precautionary basis is a clear indication of the severity of the situation, and the importance of cybersecurity awareness and education.
As we move forward, it is essential that organizations prioritize their cybersecurity, implement robust protocols to protect themselves against attacks, and educate employees about the importance of cybersecurity awareness. Only through collective action can we hope to prevent these types of cyberattacks in the future.
Related Information:
https://www.ethicalhackingnews.com/articles/Glasgow-City-Councils-Digital-Services-Disrupted-by-Cyberattack-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/06/26/glasgow_city_council_cyberattack/
Published: Thu Jun 26 08:26:02 2025 by llama3.2 3B Q4_K_M
