In a concerning breach of data security, hackers have targeted the Royal Borough of Kensington and Chelsea’s council website, compromising the personal information of potentially over 100,000 residents. This cyber-attack has specifically affected some of the UK’s wealthiest citizens, underscoring the far-reaching implications of such digital intrusions.

The breach was uncovered on November 24 by council staff. Upon discovery, the Metropolitan Police and the National Cyber Security Centre were promptly called in to investigate the breach and mitigate any further risk. The situation remains under scrutiny as authorities work to understand the full scope of the cyberattack.

According to a statement from Kensington and Chelsea Council, the stolen files likely include a variety of sensitive data and personal information belonging to residents. The council is in the process of conducting a thorough review to determine the exact nature of the compromised information, with an emphasis on identifying any data that could endanger vulnerable individuals.

The council has acknowledged that it will be some time before all services are fully restored. In the meantime, they are making it a priority to perform exhaustive checks to ensure that all sensitive personal data is accounted for and safeguarded.

Kensington and Chelsea Council has assured residents that it will continue to update them as the investigation progresses, striving to maintain transparency in this challenging period. The incident serves as a stark reminder of the importance of cybersecurity measures in protecting personal information in our increasingly digital world.

In a statement it said it is ‘prioritising checks for any sensitive personal data or information about vulnerable individuals, but it will take months to check everything thoroughly.’

The council has already contacted more than 100,000 households over the cyberattack. 

The council said it is ‘possible’ the stolen date ‘could be misused or published’ but that it is working with law enforcement to plan for this scenario. 

Cyber criminals accessed the site containing files belonging to the Royal Borough of Kensington and Chelsea, copied and stole the data, it was revealed last month (Pictured: Headquarters of the Royal Borough of Kensington and Chelsea)

Residents’ data is among the files taken by the hackers, and is expected to include ‘sensitive data and personal information’, Kensington and Chelsea Council said (stock image)

Data belonging to Westminster City Council and Hammersmith and Fulham Council has also been affected. 

When the attack was first discovered, the Royal Borough of Kensington and Chelsea initiated emergency proceedings and some staff were forced to work from home.

Westminster City Council said only ‘limited data’ had been affected and it has set up a dedicated phone line for concerned residents to contact. 

A message on Hammersmith and Fulham Council’s website today said: ‘Due to a cyber security incident in a neighbouring borough, we are continuing to undertake a series of enhanced security measures and carefully investigate the impacts on all our systems and services.’

It added some online services for residents remain unavailable. 

Councils in the UK have faced a rise in attempted cyberattacks in recent years, with hackers targeting an increasing range of organisations from supermarkets to nurseries. 

Kensington and Chelsea Council alone received more than 113,000 phishing attempts between June and September last year.

The Information Commissioners’ Office has been informed of the data breach. 

Kensington and Chelsea is ranked in the top 10 percent of local authorities in the UK Prosperity Index.

Data from last month shows the average house price in the borough is £1.2 million and it is home to countless celebrities and elites.

However it is also home to some of the country’s poorest, with one in four children in the borough growing up in poverty, figures from 2020 show.

Cllr Elizabeth Campbell, Leader of Kensington and Chelsea Council, said: ‘Being given the news that we are under attack is what no Council leader wants to hear, but like any public body, there was always that possibility. 

‘To counter this threat, we had invested significantly in our digital, data and technology services and had up to date cyber defence systems. That system worked well mitigating the damage.

‘Our IT team has been fighting back, investigating the cause, and assessing the impact. 

‘We are certain that we are taking all the right steps and we are hugely grateful to have the expertise of the NCC Group to advise and support us. Their wealth of experience helping the British Library, universities and other authorities recover from cyber attacks is reassuring as we begin to recover and rebuild.’

A spokesperson for the Met Police said: ‘The MPS Cyber Crime Unit are leading the criminal investigation and enquiries are ongoing. No arrests have been made at this stage.

‘At this stage, we are unable to go into details around what information has been accessed and would advise contacting the relevant authorities.’