Cyber Incident Victim: Redcar and Cleveland Council

On or around February 7-8, 2020, Redcar and Cleveland Council experienced a significant disruption to its online services following a suspected cyber-attack targeting its IT servers. The council’s website became inaccessible starting Saturday morning, February 8, disrupting public access to critical services including council tax payments, problem reporting, and planning or licensing application views. Independent council member Colin Monson characterized the incident as a "serious disaster" during a Governance Committee meeting, urging a comprehensive review of the authority’s disaster recovery systems. The council confirmed it was investigating the incident as a potential cyber-attack but stated there was no evidence of compromised personal data. Initial response efforts involved the council’s internal IT team working through the weekend to address the outage, with limited progress reported in restoring full functionality.

By Tuesday, February 11, the council escalated its response by bringing in additional external experts to assist with recovery efforts. Communication channels remained severely constrained, with the council acknowledging limited email and phone capacity and prioritizing only urgent inquiries. The disruption impeded residents’ ability to conduct routine transactions and access public information, though the council did not specify the duration of the outage or the full scope of affected systems beyond its website and related servers. Authorities collaborated with the council during the investigation, though no attribution or specific attack vector was disclosed publicly. Recovery efforts focused on restoring operational stability while maintaining adherence to security protocols. The incident underscored vulnerabilities in the council’s IT infrastructure, prompting internal scrutiny of resilience measures without immediate public disclosure of corrective actions.