Oxford City Council warns it suffered a data breach where attackers accessed personally identifiable information from legacy systems.
The incident has also caused an ICT service disruption, as announced on the website, and although most of the impacted systems have been brought back online, the remaining backlogs may continue to cause delays.
Oxford City Council is the local government authority responsible for managing critical public services, such as housing, planning, waste collection, environmental health, and elections, in Oxford, England.
The authority serves a population of around 155,000 residents, but its influence extends further due to the city's international prominence through the University of Oxford, tourism, and research institutions.
A statement on its website explains that attackers gained unauthorized access to some of its systems and databases, which host personal information.
Based on the preliminary investigation, the impacted system contained information on former and current Council officers between 2001 and 2022.
"Unfortunately, the attackers were able to access some historic data on legacy systems," reads the statement published on the Oxford City Council website.
"We have now identified that people who worked on Oxford City Council-administered elections between 2001 and 2022, including poll station workers and ballot counters, may have had some personal details accessed."
The statement claims there's no evidence that the exposed data has been further disseminated. Also, there's no mention of citizen data having been compromised.
BleepingComputer has contacted Oxford City Council to specify if citizen data was stored in the accessed databases, and we will update this post with their response.
... continue reading