A coordinated cyber incident disrupted multiple IT systems and phone lines across the **Royal Borough of Kensington and Chelsea (RBKC) and Westminster City Council (WCC)**, which share critical infrastructure. The attack also affected the **London Borough of Hammersmith and Fulham** due to interconnected IT services. While investigations are ongoing, the councils confirmed no immediate evidence of data compromise but acknowledged potential risks to resident and operational data. The incident prompted **Hackney Council** to elevate its cybersecurity threat level to *critical* as a precaution.Authorities collaborated with the **National Cyber Security Centre (NCSC)** and external experts to contain the breach, restore services, and mitigate further damage. The attack exposed vulnerabilities in **shared public-sector IT frameworks**, where a single breach can cascade across dependent organizations, disrupting essential services for hundreds of thousands. Experts emphasized the urgent need for **segmented, resilient networks** and modernized legacy systems to counter evolving AI-driven cyber threats. The financial and reputational fallout remains unclear, but service outages and public concern over data security persist as the investigation continues.
Source: https://nationaltechnology.co.uk/London_Councils_Hit_By_Cybersecurity_Incident.php
TPRM report: https://www.rankiteo.com/company/royal-borough-of-kensington-and-chelsea
"id": "roy3232632112625",
"linkid": "royal-borough-of-kensington-and-chelsea",
"type": "Cyber Attack",
"date": "11/2025",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"{'affected_entities': [{'customers_affected': 'residents (hundreds of '
'thousands)',
'industry': 'public sector',
'location': 'London, UK',
'name': 'Royal Borough of Kensington and Chelsea '
'(RBKC)',
'type': 'local government'},
{'customers_affected': 'residents (hundreds of '
'thousands)',
'industry': 'public sector',
'location': 'London, UK',
'name': 'Westminster City Council (WCC)',
'type': 'local government'},
{'industry': 'public sector',
'location': 'London, UK',
'name': 'London Borough of Hammersmith and Fulham',
'type': 'local government'}],
'customer_advisories': ['joint public statements acknowledging concerns and '
'outlining response efforts'],
'date_detected': '2024-03-11T00:00:00Z',
'date_publicly_disclosed': '2024-03-12T00:00:00Z',
'description': 'Several London councils, including the Royal Borough of '
'Kensington and Chelsea (RBKC), Westminster City Council '
'(WCC), and potentially the London Borough of Hammersmith and '
'Fulham, experienced a cyber incident impacting multiple '
'systems, including phone lines. The incident was quickly '
'identified on Monday morning, and investigations are ongoing '
'to determine if any data was compromised. The councils are '
'working with specialist cyber incident experts and the '
'National Cyber Security Centre (NCSC) to protect systems, '
'restore services, and maintain critical operations. Hackney '
'Council, though not directly impacted, raised its '
"cybersecurity threat level to 'critical' in response.",
'impact': {'brand_reputation_impact': 'potential erosion of public trust in '
'council services',
'operational_impact': 'disruption of critical services for '
'residents',
'systems_affected': ['phone lines', 'shared IT systems']},
'investigation_status': 'ongoing',
'lessons_learned': ['Shared IT infrastructure among public services creates '
'systemic vulnerabilities, where a breach in one entity '
'can compromise partners.',
'Cost-saving IT models must be balanced with investments '
'in resilient, segmented networks to contain threats.',
'Prevention-only cybersecurity strategies are '
'insufficient; ongoing preparedness and resilience are '
'critical.',
'Modernization of aging technology is essential to '
'counter rapidly evolving AI-driven cyber threats.'],
'recommendations': ['Invest in resilient, segmented networks to isolate and '
'contain cyber threats.',
'Shift from prevention-only mindsets to strategies '
'emphasizing preparedness, resilience, and rapid '
'response.',
'Modernize legacy IT systems to address vulnerabilities '
'exploited by advanced cyber-criminal tools (e.g., AI).',
'Integrate digital transformation with cyber resilience '
'initiatives to strengthen defenses against '
'industrial-scale attacks.',
'Enhance collaboration with cybersecurity experts and '
'national agencies (e.g., NCSC) for incident response and '
'recovery.'],
'references': [{'date_accessed': '2024-03-12',
'source': 'Joint statement by RBKC and WCC'},
{'date_accessed': '2024-03-12',
'source': 'Huntress (Dray Agha, Senior Director of Security '
'Operations)'},
{'date_accessed': '2024-03-12',
'source': 'Public Digital (Dai Vaughan, Chief Technology '
'Officer)'}],
'response': {'communication_strategy': ['joint public statements',
'updates to residents and partners in '
'coming days'],
'incident_response_plan_activated': True,
'recovery_measures': ['maintaining critical services'],
'remediation_measures': ['protecting systems and data',
'restoring systems'],
'third_party_assistance': ['specialist cyber incident experts',
'National Cyber Security Centre '
'(NCSC)']},
'stakeholder_advisories': ['updates to residents and partners in coming days'],
'title': 'Cyber Incident Affecting Multiple London Councils',
'type': ['cyberattack', 'system disruption']}