No evidence of stolen data in Glasgow cyber attack

Glasgow City Council has found no evidence of any data being stolen in a cyber attack that took a number of services offline in June.

The local authority also says there has been no sign of any data being leaked or misused after the incident, but advised people to remain cautious.

Technology services supplier CGI discovered malicious activity on servers managed by a third-party supplier on 19 June.

A number of online services, including paying penalty charges and reporting school absences, became unavailable due to the council taking servers offline.

No financial systems were affected by the attack and no details of bank accounts or credit/debit cards processed by those systems were compromised.

A spokesperson for the council said: "As part of our investigation, experts are monitoring online activity and, to date, there has been no evidence of any data being leaked or misused.

"However, until forensic examinations of the affected servers are complete - and we can be confident whether any data has been stolen - we are advising anyone who has used any of the affected forms to be particularly cautious about contact claiming to be from Glasgow City Council."

Some services, such as public freedom of information requests, can be accessed again while workarounds are being developed for other affected systems.

Police Scotland are involved in investigating the incident, along with the council, the Scottish Cyber Co-ordination Centre and the National Cyber Security Centre.

A number of Scottish public bodies have been hit by cyber attacks in recent months, including a ransomware group targeting NHS Dumfries and Galloway last year which saw stolen files published online.