Cyber-attack on the library database of Sunderland City Council

The library database users of Sunderland City Council are warned by Council chiefs to remain vigilant, after a few customers' details have been accessed in a cyber-incident involving library services customer database. The recent cyber-incident resulted in unauthorised access to personal details, including names, telephone numbers and dates of birth, of 45 users out of 145,000 user accounts on library database.

The Council said that it is currently working with external company that hosts as well as provides the database. The Council added that it is also working with Information Commissioner's Office for investigating this cyber-incident. Fiona Brown, council's executive director of the neighbourhoods, said that "we are working with them to thoroughly investigate what happened and implement any remedial measures necessary to minimise the chances of this happening again".

Brown said that while no evidence is there to suggest this data was used inappropriately, they are urging the library users to remain extra cautious especially at the time of putting any type of personal information online or while responding to any kind of requests for their personal information if they are not sure from whom that request has been made. She added that at the current stage of investigation, the outside (i.e. the external) company that hosts as well as provides the database still has not been able to find which 45 customers' information were accessed, which is the reason they are urging all the library users to remain vigilant.

Brown said that "the type of data accessed can be used as a starting point to seek further information about a person to commit identity theft or fraud". She also added that they take the cyber security issue very seriously and have strong procedures in place so as to guard against the data loss including use of encryption along with other practical measures. This includes reviewing as well as reinforcing the existing security measures, along with liaising with Information Commissioner's Office and the other regulatory authorities.

Cybercrime is a continuously evolving as well as fast-moving arena and the authority faced "daily challenges to adapt to the pace, volume and sophistication of attacks", said Brown. She added that "we have extensive technological and organisational measures to secure our customers' personal information".

» SPAMfighter News - 6/7/2019