Lincolnshire council shuts down all IT after alleged 0-day breach
Medical records, addresses, dates of birth, and bank details all exposed according to insider
A 0-day security breach at Lincolnshire County Council has exposed locals' medical records, addresses, and bank details, claimed an anonymous tipster, though the council denies any data was stolen.
The breach was reported by The Lincolnite, which stated "anonymous reports from inside the council" suggested a major breach of its "main adult care system" had spaffed the sensitive personal information of constituents.
Talking to The Register this morning, a council spokesperson denied that any data had been lost and claimed an email attachment with a zero-day exploit had managed to infect its internal system after being sent to multiple members of staff.
In addition, The Lincolnite reported that another system which stored staff details and bank details, as well as "the G Drive, which holds various other documents and forms", had been breached.
According to the local paper's source, emails were not initially affected by the breach; however, the attackers' access seems to have been extended to include them.
The council's response has been to order staff to "close their computers and turn the power off."
Judith Hetherington Smith, the council's CIO, told the local paper that the council "closed down our systems very quickly to protect the data and are investigating the cause but at this stage have found no evidence of any breach."
A spokesperson for Lincolnshire County Council added that, "as a precautionary measure, [we] have suspended IT use until the extent of it is clear."
The shutdown seems to be affecting all of the council's systems.
Libraries are open as usual but please be aware that the computers are currently unavailable due to a malware attack — Lincs County Council (@LincolnshireCC) January 27, 2016
As part of a campaign into UK councils' cyber security conducted last year, The Register was told that Lincolnshire County Council's AV solution(s) - the specifics of which the council declined to disclose - had thrown up 196,553 malware alerts in 2015.
The Register has learned that the council has outsourced its IT operations to Serco since last April, although which AV solutions the outsourcer uses has not been disclosed.
The council told us that there had been 32 malware infections, via email, over that period. The areas and machines affected were not recorded, however. ®