Cyber Incident Victim: Canterbury City Council

On or around January 1, 2024, Canterbury City Council, Dover District Council, and Thanet District Council in Kent, UK, experienced a cybersecurity incident that disrupted public-facing online services. The three councils jointly announced on January 19, 2024, that they were investigating the incident, which forced them to take multiple systems offline as a precautionary measure. The disruption affected potentially hundreds of thousands of residents who rely on digital services for council operations. Canterbury City Council's website explicitly warned residents they couldn't apply for services, report issues, pay bills online, search planning applications, or use online mapping tools. Dover and Thanet districts reported similar disruptions to online forms and payment systems. All three councils confirmed they were working with the UK National Cyber Security Centre (NCSC), which acknowledged it was assessing the incident's impact.

The disruption was linked to an outage at EK Services, an organization established by the three councils in 2011 to provide shared IT, HR, call center, benefits administration, and debt recovery services. EKS's website became inaccessible during the incident, and payment systems operated through EKS were confirmed unavailable. Civica, which acquired EKS services in 2018 under a seven-year outsourcing contract, stated the incident didn't originate from their systems but offered support to affected councils. Council spokespersons including Robert Davis (Canterbury) emphasized no evidence of customer data compromise had been found during initial investigations, though full forensic analysis remained ongoing. The councils and NCSC declined to specify whether the breach occurred in internal systems or third-party infrastructure, and EKS representatives couldn't be reached for comment despite multiple contact attempts. Service disruptions persisted at the time of reporting, with no restoration timeline provided.