Three London local authorities — Kensington and Chelsea, Westminster, and Hammersmith & Fulham — were forced to shut down parts of their IT networks and phone lines on Wednesday after a major cyberattack, prompting emergency responses across the councils.
Joint IT System Targeted
Kensington & Chelsea and Westminster councils, which share IT infrastructure, confirmed the incident and said their immediate priorities are to:
- Protect systems and data
- Restore services
- Maintain essential public functions
Westminster City Council covers some of the UK’s most sensitive and symbolic sites, including Buckingham Palace, Parliament, and 10 Downing Street, raising additional security concerns.
Ransomware Suspected
Cybersecurity expert Kevin Beaumont identified the attack as a ransomware incident affecting the shared IT services provider used by all three councils.
Impact on Services
- Hammersmith & Fulham Council also reported disruptions.
- Staff were warned not to click links or open emails from colleagues at affected councils, indicating possible account compromise.
- Hackney Council issued phishing warnings after receiving intelligence suggesting multiple London councils were being targeted.
Investigation Underway
- The councils have notified the UK Information Commissioner’s Office as required.
- No confirmations have been made yet regarding data theft or resident information breaches.
- Kensington said the cause has been “established,” but no details will be released due to ongoing investigations with law enforcement.
Public Services at Risk
The impacted councils manage essential services including:
- Housing
- Social services
- Waste collection
Authorities are working to restore operations while ensuring public safety and data protection.
