Kensington and Chelsea (Parliament Politics Magazine) – Kensington and Chelsea Council, hit by a major cyber attack, warns services take months to recover and full review will be launched when conditions allow.
The National Cyber Security Centre (NCSC), the nation’s cybercrime agency, and the information watchdog will collaborate with the authority to determine what transpired, according to Kensington and Chelsea Council leader Elizabeth Campbell.
In order to investigate how the hack affected their shared infrastructure and
“in the future to protect ourselves even more than we did on this occasion,”
she has also pledged to collaborate with the heads of Westminster City Council and Hammersmith and Fulham Council.
While a recent update on the council’s website stated that its current emphasis was
“tackling the issues the attack has created and getting services fully running and systems back online,”
Cllr. Campbell did not specify when the review would take place. Last Wednesday, December 3, during Full Council, the leader thanked the employees who she said worked “day and night” and cautioned about potential setbacks as the council heals.
She said:
“This is a complex issue, but people are working hard to overcome challenges and keep this council running as well as it possibly can. Our main aims will be to support residents who need us, fix things as quickly as possible, and to be transparent with the public on where we are on this recovery journey.”
Advisors warn of weeks of disruption, and in certain situations, “it could be months,” she continued.
She said:
“Let me be crystal clear: this remains an incredibly serious incident. We expect disruption to continue for at least two weeks and the ramifications to rumble on for months after that.We will continue to tackle this incident with honesty, professionalism and absolute determination.
Our priority is to protect our residents, restoring our systems and ensuring that services remain resilient. We will keep members and the public updated.”
Although it was still unknown whether the data contained any fiscal or particular information, Cllr. Campbell stated that the council had been” honest and outspoken” about the data breach. She also could not fully rule out the chance that it may become public knowledge.
While systems were taken offline to help the bushwhackers from getting further data, she said the council’s cyber defense measures worked to lessen the damage. She stated that the council was most oppressively damaged, that the attack most likely began on its structure, and that it’ll take longer to rebuild as a result.
Maxine Holdsworth, the chief executive of Kensington and Chelsea Council, stated during Wednesday’s Full Council that the authority was the target of a cyberattack last Monday, November 24, and that by midday, cyber security experts were working there.
Systems were taken offline, according to her, in order to “both protect the council’s data and the systems.” The event was reported to the NSCS and the Metropolitan Police on the same day, she claimed, and an emergency command center was established.
Residents have been made aware of the data leak, she said, and using the council’s website which she claimed was secure may become more challenging.
She said:
“The work to make sure these systems are fully safe and to bring into full operation continues and is following best practice steps. The command arrangements will continue at least until this time next week.”
The council acknowledged that the NCC group, cyber security specialists who assisted the British Library in recovering from a cyberattack, as well as other local government agencies and academic institutions, are advising it.
On the afternoon of November 25, the council informed the public about the cyberattack. The council claims that although it was aware of “unusual activity” early on Monday, November 24, it was initially unclear what it was.
When it learned of a data breach, it acted quickly and notified residents as soon as possible, including on Friday, November 28. According to posts from the council’s official X account, the council claimed to be having “some system issues” prior to the alarm on November 25.
The council stated that it is unable to say further since an investigation into the incident with crime authorities is still underway. It added that it is still unsure of the attacker’s identity and motivation.
The council stated in its most recent update on December 3 that while other more digitally dependent services continue to be affected, many on-street services, including twice-weekly rubbish collections and street cleaning, will continue as usual.
Residents who pay council tax by Direct Debit may encounter difficulties, according to the council, since payment will be collected later once its systems are operational again rather than on the regular date.
In order for the payment to be collected when the service resumes, residents are being advised to keep the money in their account. They stated that although Direct Debit is currently temporarily unavailable, other payment options are still safe and functional, and that business rates and council tax are still due and payable.
The council added that the cyberattack happened at the same time as its internal foster care providers’ weekly pay run. It is currently working on a solution to guarantee that payments are completed and that any outstanding balances are updated and paid.
Additionally, the authorities stated that if rent is due but cannot be collected due to current cyber difficulties, no one will be liable to rent arrears action.
The council said on Friday that some of its data had been “copied and taken away.” According to the council, the breach only affects literal data, which is allowed to comprise archived data from 2006 to 2020.
The information hasn’t been stolen, but” it is possible it could end up in the public sphere,” according to an internet post.
What steps is the council taking to restore critical services and timelines?
Kensington and Chelsea Council (RBKC) is taking phased ways to restore critical services following the November 24, 2025, cyber attack, prioritizing constraint, data integrity, and gradational system recovery.
linked breach cause and shut down affected networks as palladium, limiting hacker access. Staff work ever via guest Wi- Fi/ mobile hotspots; essential services( e.g., vulnerable resident support) maintained manually/ offline. uniting with National Crime Agency( NCA), National Cyber Security Centre (NCSC/ GCHQ), Metropolitan Police, and Information Commissioner’s Office( ICO) for disquisition.
Rebuilding restoring systems in insulated, secure surroundings; phone lines online forms( council duty, parking) prioritized. Posted indispensable contact figures online; client service centre at Kensington Town Hall opened weekends (e.g., Nov 29- 30).
