Leicester: Data taken in council cyber-attack 'could be sold by hackers'

Simon Ward - Reporter, BBC East Midlands Today
·2 min read
Leicester City Hall
Police and the National Cyber Security Centre are investigating the attack [BBC]

Hackers behind a cyber-attack at Leicester City Council could be selling stolen data, an expert has warned.

Police are still investigating after the council was forced to disable its phone and computer systems on 7 March.

The council confirmed 25 documents had been posted online on 3 April, with a "much larger batch" released on Tuesday.

Ismini Vasileiou, associate professor of information systems at De Montford University, said action is being taken.

"Hopefully, the police will be able to get at the bottom of it and be able to remove [stolen] data from the dark web," she said.

Ismini Vasileiou
Ismini Vasileiou is associate professor of information systems at De Montford University and director of the East Midlands Cyber Security Cluster [BBC]

The BBC understands a ransomware group called INC Ransom has claimed responsibility for the attack, with one theory suggesting stolen data will be sold to criminals making fake passports.

A large amount of personal information has already been uploaded to the dark web, with files downloaded at least 120 times, but it is possible investigators may be able to fight back and remove that data.

Leicester City Council said no ransom demand has been made at this stage.

Dr Vasileiou, who is also director of the East Midlands Cyber Security Cluster, said the criminal uses for the data "can go in any direction".

"At this stage, it is quite unknown, because we don't know how they're packaging the data to be resold elsewhere," she said.

"That unknown scares any user, Leicester City Council, and [is] why we are taking it very seriously."

Follow BBC East Midlands on Facebook, on X, or on Instagram. Send your story ideas to eastmidsnews@bbc.co.uk or via WhatsApp on 0808 100 2210.