Three local councils in the UK are still experiencing disruption to their online services, a week after it was confirmed that a cyberattack had taken some systems down.
Canterbury, Dover and Thanet councils – all located in the UK county of Kent with a combined population of nearly 500,000 – said last week they were jointly investigating an unspecified “cyber incident” that disrupted online council tax payments and forms.
There are still questions about the incident, including whether personal data was accessed. Canterbury City Council spokesman Robert Davis told TechCrunch last week that the council’s initial investigation indicates customer data was not accessed.
However, the UK Information Commissioner’s Office told TechCrunch on Friday that the data regulator had received a report on the breach from the three councils.
“We have received breach report forms from three councils in Kent that form a tripartite partnership service: Thanet District Council, Dover District Council and Canterbury District Council, and we will be making inquiries,” ICO spokeswoman Rachana Fegerstaff said.
TechCrunch understands that the ongoing incident is linked to EKS or East Kent Services. EKS was set up by Canterbury, Dover and Thanet in 2011 before being outsourced to Civica in 2018, and is used by the three councils to deliver a number of IT and HR services, including payments, benefits and debt recovery.
TechCrunch found last week that some of Canterbury City Council’s payment systems, which are provided by EKS, were unavailable. These services remain down at the time of writing — as does the EKS website, which has now been offline for at least seven days.
TechCrunch has contacted several people at EKS but has not yet received a response. The company has not yet issued a public statement about the cyberattack, the nature of which remains unknown.
according to Share Mastodon From security researcher Kevin Beaumont, EKS’s Pulse Secure VPN server is also offline, suggesting a possible link to the widespread exploitation of two critical vulnerabilities in the company’s widely used Ivanti VPN hardware.
The incident continues to cause disruption to hundreds of thousands of people in Kent.
Davies, a spokesperson for Canterbury City Council, did not respond to questions sent by TechCrunch on Friday, but a notice on Council website It notes that residents are still unable to “apply for, report or pay for most services online at this time” while it continues to investigate the incident.
Dover District Council spokesman Andy Steele also did not respond to TechCrunch’s questions, but the council also confirmed in a statement Updated notice It “continues to experience technical difficulties” with some of its systems, including benefits, council tax and the business rates portal. The Council notes that the issues affecting its online forms have been resolved.
Thanet District Council spokeswoman Claire Winter shared an updated statement with TechCrunch, which was also Published on the Council’s website. “Thanet District Council is currently restricting access to a number of its online systems,” the statement read. “This is a proactive decision following reports of a potential security incident.”
Canterbury and Thanet councils noted in their statements that the discontinued IT services, which include online forms and planning applications, are not provided by Civica.
In an email to TechCrunch on Friday, Civica spokesperson Fintan Hastings confirmed that Civica’s systems were not affected. Hastings said Civica does provide tools to monitor and manage information assets such as applications, infrastructure, operational delivery and IT assets, but added that Civica provides councils with revenue, interest, debt recovery and client services.