Hackers access personal data as housing provider falls victim to cyber attack
- Credit: Flagship Group
Hackers have gained access to the personal details of customers and staff after a housing provider fell victim to a cyber attack.
Flagship Group revealed a “major IT incident” had occurred on Sunday (November 1), taking most of its systems offline and “limiting” services.
It said the attack had been caused by ransomware known as Sodinokibi, via a suspected phishing attack.
Despite the company’s “quick action”, personal date belonging to some customers and staff was “compromised”.
Flagship’s chief executive said it was working to “ensure our customers are safe”.
You may also want to watch:
In a statement, the company added: “Whilst the investigation is still ongoing by internal and external specialists, we can confirm that the incident was caused by ransomware.
“We have continued to proactively take steps to contain the spread of the ransomware, which have been successful.
- 1 Phil and Jill still going strong after 74 years together
- 2 Health bosses step up effort to vaccinate vulnerable communities
- 3 Further walk-in vaccination clinics being held across Norfolk and Waveney
- 4 Lorry driver, 75, denies causing A140 motorist's death by careless driving
- 5 Man denies arsons which caused £680k damage and killed 50 pigs
- 6 Election 2021: Norfolk County Council candidates published
- 7 Funeral arrangements for Prince Philip confirmed
- 8 Pubs and shops open on Monday: what can I do when restrictions are eased?
- 9 Village post office set to reopen after flooding damage
- 10 What will the weather be like this week for outdoor reopening?
“However, we can confirm that, despite our quick action, there has been some data encryption, and that some personal customer and staff data has been compromised.
“We do not yet have a complete picture of all the data that has been encrypted.”
Having discovered the attack, Flagship took all its systems offline to prevent the issues from spreading further across its network.
The housing group says “detailed forensic analysis” is under way and it is working towards recovery of its systems.
David McQuade, chief executive of Flagship Group said: “We take the privacy and security of our customer and staff data very seriously, and we’re very sorry that it has been compromised.
“Over the last few days, the incident has caused considerable disruption to staff and customer services, and we are concentrating on emergency situations to ensure our customers are safe.
“Our teams are working tirelessly around the clock to bring our systems back online, and we apologise for any inconvenience this may have caused.”
Police have opened an investigation into the attack, and the company says it is “working towards resuming normal operations as quickly as possible.”
Flagship has notified the Information Commissioner’s Office (ICO), Action Fraud and the Regulator of Social Housing, and sought advice from the National Cybersecurity Centre and National Crime Agency.