Cyber Incident Victim: Gloucester City Council
Date:
Dec 2021
Location:
United Kingdom
Summary
A cyber attack disrupted Gloucester City Council's online services, impacting revenue and benefits systems, planning applications, and customer service portals. The incident left residents unable to access critical forms for housing benefits, council tax support, and pandemic-related payments, prompting the organization to request direct email communication for urgent issues. The council collaborated with the National Crime Agency and National Cyber Security Centre to investigate the attack and restore systems, prioritizing urgent customer needs while working to safely reinstate full functionality.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On 20 December 2021, Gloucester City Council experienced a cyber attack that disrupted multiple critical online services. The incident immediately crippled the council’s website, affecting systems handling revenue and benefits, planning applications, and customer service portals. Residents lost access to interactive forms required for housing benefit claims, council tax support applications, test and trace support payments, and discretionary housing payments. The planning application portal also became unavailable, halting development-related submissions. Council representatives confirmed the attack eleven days after its occurrence, stating restoration efforts were ongoing with assistance from the National Cyber Security Centre (NCSC) and National Crime Agency (NCA). A council spokesperson acknowledged the severity of the disruption but provided no specifics regarding the attack’s origin or methodology.
The council prioritized managing urgent customer issues while collaborating with national agencies to restore systems securely. Residents were advised to contact the council via email for immediate assistance and to monitor the council’s website for updates, though no estimated restoration timeline was provided. The NCA and NCSC declined to comment on investigative details but confirmed their involvement in assessing the incident and supporting recovery operations. Service disruptions persisted as of the last reported update on 20 December, with no public confirmation of full system restoration or data compromise. The council emphasized efforts to minimize operational impacts but reiterated the complexity of resolving the attack safely.