Cyber attack on Sunderland City Council database: Investigation after library users' personal data accessed by hackers
Hackers have accessed users' personal details in a cyber attack on Sunderland City Council's library database.
Council chiefs are warning users to be vigilant after a number of customers' details were accessed during a cyber incident involving the library services customer database. This resulted in the unauthorised access to the details of 45 of the 145,000 user accounts on the database, including names, dates of birth and telephone numbers. The council said it is working with the external company which hosts and provides the database and the Information Commissioner's Office to investigate the incident. Fiona Brown, the council's executive director of neighbourhoods, said: "We are working with them to thoroughly investigate what happened and implement any remedial measures necessary to minimise the chances of this happening again. "While there is no evidence to suggest that this data has been used inappropriately, we are urging library users to be extra vigilant especially when putting any personal details online or responding to any requests for their information if they're unsure who the request has come from. She added: "At this stage of the investigation the external company which provides and hosts the database hasn't been able to identify which 45 customers' details have been accessed, which is why we are urging all library users to be vigilant. "The type of data accessed can be used as a starting point to seek further information about a person to commit identity theft or fraud. "We take the issue of cyber security extremely seriously and have robust procedures in place to guard against data loss including the use of encryption and other practical measures. "That includes reviewing and reinforcing existing security measures, and liaising with the Information Commissioner’s Office and other regulatory authorities. Ms Brown said cyber crime is a "constantly evolving and fast-moving arena" and, as well all organisations, the authority faced "daily challenges to adapt to the pace, volume and sophistication of attacks". She said: "We have extensive technological and organisational measures to secure our customers’ personal information, and require all our contractors to provide evidence that they have the same measures in place." Additional advice and guidance is available on the council website: https://www.sunderland.gov.uk/article/12181/Cyber-crime-and-on-line-safety-advice