The recent cyberattack in Greater Manchester has sent shockwaves through the local councils, compromising their security and putting thousands of residents at risk of falling victim to a phishing scam. The attack originated in a single borough but quickly spread to impact housing websites managed by Locata, a software company that provides services to councils across the UK.
The cyberattack, which was first detected on July 29, targeted the housing portals for Manchester, Salford, and Bolton councils. Locata took immediate action by suspending the affected websites to address the breach. The attack resulted in the distribution of phishing emails containing false instructions to “activate your tenancy options”, prompting users to divulge personal data.
In response to the breach, Locata issued a statement confirming the cyberattack and assuring the public that they were working with third-party IT experts to investigate the incident. Manchester City Council, overseeing the Manchester Move platform, reported that only the publicly accessible portion of the website had been affected by the phishing scam. While only limited personal information was compromised, the website remains offline as officials work to secure users’ data, advising affected individuals to follow guidelines provided by the UK National Cyber Security Centre.
Salford City Council also took precautionary measures by temporarily shutting down its Home Search website and urging users to stay vigilant for suspicious emails and monitor their bank accounts for any abnormal activity. Similarly, Bolton’s housing service, Homes for Bolton, is currently offline for maintenance, with affected residents advised to be on the lookout for phishing emails and take necessary steps if they suspect their data has been compromised.
Local authorities have issued recommendations for individuals affected by the cyberattack, emphasizing the importance of monitoring bank accounts for unusual transactions and promptly reporting any suspicious activity to their banks. In addition, updating passwords for accounts using the same credentials as the compromised account and considering a free credit report to detect signs of identity theft are recommended actions.
Manchester City Council has taken further action by reporting the incident to the Information Commissioner’s Office (ICO), the UK’s data protection regulator, to ensure a thorough investigation and implement preventive measures for future incidents. Locata has expressed remorse for the disruption caused by the cyberattack and is working diligently to secure the affected systems and prevent similar incidents in the future.
As the investigation into the Greater Manchester cyberattack continues, affected individuals are advised to remain vigilant and follow cybersecurity best practices to safeguard their personal information and financial assets. The repercussions of this breach serve as a stark reminder of the critical need for robust cybersecurity measures to protect against malicious threats in the digital age.