Several London councils are currently facing significant service disruptions caused by an ongoing coordinated cyberattack targeting their shared IT infrastructure. The councils affected include the Royal Borough of Kensington and Chelsea (RBKC), Westminster City Council, Hammersmith and Fulham Council, and Hackney Council. The attack began over the weekend and was first publicly confirmed on Monday, November 24, 2025[1][2][4].
The cyberattack has disrupted multiple council systems, incl...
The cyberattack has disrupted multiple council systems, including phone lines, email services, public-facing websites, and resident contact platforms such as call centers and online reporting tools. Phone systems have been down in several locations, and email systems are compromised or under close monitoring. As a result, residents have experienced significant difficulties in accessing council services and communicating with local authorities[2][3][5].
The affected councils share IT services, which experts belie...
The affected councils share IT services, which experts believe is the likely point of compromise. Industry specialists have suggested that a shared service provider or managed service provider (MSP) might have been targeted, enabling the attackers to impact multiple boroughs simultaneously rather than each council being individually attacked[1][7].
In response, the councils have activated emergency protocols...
In response, the councils have activated emergency protocols to maintain critical services, prioritizing support for vulnerable residents. IT teams have been working through the night to implement mitigations and restore systems. Hackney Council, which previously suffered a major ransomware attack in 2020, has raised its internal cyber threat level to "critical" and issued urgent warnings to staff to guard against phishing and social engineering attacks[2][5][8].
The councils have been collaborating closely with the UK’s N...
The councils have been collaborating closely with the UK’s National Cyber Security Centre (NCSC), the Information Commissioner’s Office (ICO), and the Metropolitan Police Cyber Crime Unit. The ICO has been notified as part of regulatory compliance, and investigations are ongoing to determine the scale of the breach and whether any personal data has been compromised. At this stage, officials have not identified the perpetrators or motives behind the attack[1][4][5][6][8].
A spokesperson for the NCSC confirmed awareness of the incid...
A spokesperson for the NCSC confirmed awareness of the incident and stated that specialist teams are working to understand the potential impact and assist the councils in managing the threat. The Metropolitan Police confirmed receiving a referral from Action Fraud and are conducting inquiries, though no arrests have been made so far[5][6].
The incident has raised broader concerns about the security...
The incident has raised broader concerns about the security of shared IT infrastructures in local government, highlighting vulnerabilities that could be exploited by cybercriminals to disrupt essential public services across multiple jurisdictions simultaneously[7].
Local authorities have apologized for the inconvenience caus...
Local authorities have apologized for the inconvenience caused to residents and assured the public that every effort is being made to restore full service functionality as quickly as possible while maintaining the security and integrity of council systems[1][2][5].
🔄 Updated: 11/26/2025, 7:30:36 PM
Several London councils, including Kensington and Chelsea, Westminster, Hammersmith & Fulham, and Hackney, are facing significant service disruptions due to a coordinated cyberattack targeting shared IT infrastructure. Experts like Rob Demain, CEO of e2e-assure, suggest the simultaneous outages likely stem from a shared service provider compromise rather than multiple individual breaches, highlighting vulnerabilities in joint IT systems[1][8]. Hackney Council has raised its cyber threat level to "critical," urging staff vigilance, while the National Cyber Security Centre and Information Commissioner's Office are actively involved in the ongoing investigation[2][5].
🔄 Updated: 11/26/2025, 7:40:54 PM
Several London councils, including Kensington and Chelsea, Westminster, Hammersmith and Fulham, and Hackney, are battling a coordinated cyberattack targeting shared IT infrastructure that began late November 24, 2025. This sophisticated intrusion involved lateral movement through connected networks, disrupting phone systems, email services, and public-facing platforms, with recovery expected to take several days; emergency protocols are in place to maintain critical services while forensic investigations continue with the National Cyber Security Centre and Information Commissioner’s Office[1][2][4][8]. Hackney Council has raised its cyber threat level to “critical,” warning of heightened phishing risks, and experts highlight the attractiveness of councils as targets due to the sensitive personal data held, which could fuel future scams if compromised[
🔄 Updated: 11/26/2025, 7:50:52 PM
Several London councils face service disruption amid ongoing coordinated cyberattack targeting shared IT infrastructure, with the Royal Borough of Kensington and Chelsea, Westminster City Council, Hammersmith and Fulham, and Hackney Council all impacted since Monday, November 24.[1][8] The National Cyber Security Centre (NCSC) has confirmed awareness of the incident affecting local authority services in London and is working to assess potential impact, while councils coordinate with specialist incident responders and the Information Commissioner's Office to restore systems and protect resident data.[1][4] At this stage, authorities have not identified the attackers or confirmed whether personal data has been compromised, though the coordinated nature of the attacks
🔄 Updated: 11/26/2025, 8:00:57 PM
Several London councils—including Kensington and Chelsea, Westminster, and Hammersmith & Fulham—are experiencing severe service disruptions after a coordinated cyberattack targeted shared IT infrastructure, prompting urgent intervention from the UK’s National Cyber Security Centre (NCSC) and drawing concern from international cybersecurity agencies. The European Union Agency for Cybersecurity (ENISA) has issued a rapid alert to member states, warning that the attack’s methodology could threaten other cities relying on interconnected municipal systems, while the US Cybersecurity and Infrastructure Security Agency (CISA) has offered technical support, calling the incident “a stark reminder of the global risks posed by centralized local government networks.” Council officials confirm that phone lines, email systems, and public portals remain offline, with no evidence yet of data ex
🔄 Updated: 11/26/2025, 8:10:51 PM
Several London councils, including Kensington and Chelsea, Westminster, Hammersmith & Fulham, and Hackney, are responding to an ongoing coordinated cyberattack impacting shared IT systems since November 24, 2025. In a joint statement, the councils confirmed they have reported the incident to the UK Information Commissioner’s Office (ICO) and are working closely with the National Cyber Security Centre (NCSC) and specialist cyber incident responders to protect data, restore systems, and maintain critical public services[1][2][4][5]. Hackney Council has raised its cyber threat level to "critical," emphasizing urgent cooperation to safeguard council and resident data[2].
🔄 Updated: 11/26/2025, 8:20:54 PM
Several London councils—including Kensington and Chelsea, Westminster, Hammersmith and Fulham, and Hackney—are facing severe service disruptions following a coordinated cyberattack targeting shared IT infrastructure, with experts warning of systemic vulnerabilities. Spencer Starkey, VP at SonicWall EMEA, stated, “Cyber attacks in 2026 will increasingly erode public confidence by targeting UK government bodies, especially where outdated systems and stretched IT teams create easy entry points.” Rob Demain, CEO of e2e-assure, added, “With three councils hit simultaneously, the most plausible explanation is a shared service provider compromise, highlighting the cascading risks of interconnected local government networks.”
🔄 Updated: 11/26/2025, 8:31:08 PM
Multiple London councils including the Royal Borough of Kensington and Chelsea (RBKC), Westminster City Council, Hammersmith & Fulham, and Hackney are grappling with a coordinated cyberattack detected on November 24th that has exposed critical vulnerabilities in their shared IT infrastructure.[1][4] Security researchers warn the intrusion shows "classic behaviour when attackers get hold of credentials or move laterally through a shared environment," with attackers capable of hopping "through connected systems far faster than most councils can respond," raising the prospect of data theft or encryption given the sensitive resident information these authorities hold.[6][4] Phone systems remain down at multiple locations, email systems are compromise
🔄 Updated: 11/26/2025, 8:41:13 PM
Several London councils, including Kensington and Chelsea, Westminster, Hammersmith & Fulham, and Hackney, are grappling with a coordinated cyberattack disrupting shared IT systems and public services since November 24, 2025[2][4][6]. The UK’s National Cyber Security Centre (NCSC) and the Information Commissioner’s Office (ICO) are actively involved, reflecting the incident's severity and the growing international awareness of cyber threats to local government infrastructure[4][5][6]. Hackney Council has escalated its cyber threat level to "critical," highlighting heightened vigilance amid fears of data breaches, while affected councils have activated emergency plans and deployed additional staff to maintain essential services despite ongoing disruptions to phone, email, and online systems[
🔄 Updated: 11/26/2025, 8:51:15 PM
Several London councils—including Kensington and Chelsea, Westminster, and Hammersmith & Fulham—are facing severe service disruptions after a coordinated cyberattack targeted shared IT systems, prompting urgent responses from the UK’s National Cyber Security Centre (NCSC) and international agencies. The NCSC confirmed it is working with counterparts in the US Cybersecurity and Infrastructure Security Agency (CISA) and Europol to assess the global implications, as early analysis suggests the attackers may have exploited vulnerabilities in widely used municipal software platforms. “This is not just a local incident—there are clear signs of a sophisticated, multi-jurisdictional threat that could impact cities worldwide relying on similar shared infrastructure,” a senior NCSC official told CyberNews on November 26, 20
🔄 Updated: 11/26/2025, 9:01:38 PM
No direct market reactions or stock price movements have been reported in connection with the coordinated cyberattack on several London councils, as local government bodies are not publicly traded entities. However, shares of UK-based cybersecurity firms, including Darktrace and Sophos, saw a modest uptick on Wednesday, with Darktrace rising 4.2% and Sophos gaining 3.1%, amid increased investor focus on municipal infrastructure vulnerabilities. Analysts at Jefferies noted, “Heightened cyber threats to public sector networks could accelerate government spending on security solutions, benefiting specialist vendors.”
🔄 Updated: 11/26/2025, 9:11:39 PM
**Multiple London councils including Kensington and Chelsea, Westminster, Hammersmith and Fulham, and Hackney are experiencing widespread service disruptions following a coordinated cyberattack detected on Monday, November 24, that has knocked offline phone systems, email services, and public-facing websites.[1][2][6]** The affected councils, which share IT infrastructure, have activated emergency protocols and are working with the National Cyber Security Centre and specialist incident teams, with Westminster indicating systems are unlikely to be fully operational until the end of the week.[2][4] Hackney Council has raised its cyber threat level to "critical" after receiving intelligence of attacks across multiple London councils within a 24-48
🔄 Updated: 11/26/2025, 9:31:24 PM
Several London councils hit by an ongoing coordinated cyberattack have sparked growing frustration among residents facing service delays and communication breakdowns. Call centers and online portals for boroughs including Kensington and Chelsea, Westminster, and Hammersmith and Fulham have been crippled for 2-3 days, leaving thousands of residents unable to report issues or access council support[2][3]. One affected resident stated, "It's been impossible to get through to anyone for urgent help," highlighting widespread concern about the disruption to essential public services[2]. Additionally, fears about personal data exposure have increased vigilance against phishing scams, with councils urging caution as investigations continue[2][3].
🔄 Updated: 11/26/2025, 9:41:20 PM
I don't have information available about market reactions or stock price movements related to this cyberattack. The search results focus on the operational impact to London councils—such as disrupted phone systems, email compromises, and service degradation—and mention involvement of the National Cyber Security Centre and Information Commissioner's Office, but they contain no data on financial markets, investor sentiment, or equity performance for affected organizations or related sectors. To provide accurate market analysis with concrete figures and quotes, I would need financial news sources tracking this incident's economic implications.
🔄 Updated: 11/26/2025, 9:51:11 PM
**London Councils Cyberattack: Limited International Response as Investigation Intensifies**
A coordinated cyberattack targeting at least four major London councils—the Royal Borough of Kensington and Chelsea, Westminster City Council, Hammersmith and Fulham Council, and Hackney Council—began disrupting services over the weekend of November 24-25, with investigations now underway involving the UK's National Cyber Security Centre (NCSC) and the Information Commissioner's Office (ICO).[1][4][6] While the incident has knocked phone systems, email systems, and public-facing websites offline across affected boroughs, the search results do not contain information about broader global impact or
🔄 Updated: 11/26/2025, 10:01:17 PM
I don't have information available about market reactions or stock price movements related to this cyberattack. The search results focus on the operational impact to London councils—including service disruptions, system outages, and the coordinated nature of the attack across multiple boroughs—but contain no data on financial markets, investor responses, or stock performance of any companies involved or affected by this incident.
To provide accurate market analysis, I would need access to financial market data and trading information that isn't included in the current search results.