Greater Manchester Hit by Cyber-Attack Spreading Phishing Scams

Introduction

A cyber-attack has swept across multiple boroughs in Greater Manchester, Northwest England, leaving thousands of residents exposed to a phishing scam. The attack has raised concerns about digital security and the protection of personal data for local residents.

Attack Overview

The attack began by targeting a single borough in Greater Manchester and quickly spread to other areas, sending out phishing emails to thousands of users. These emails contained deceptive messages urging recipients to "activate your tenancy options" and provide personal information. The scam was first identified on July 29 by Locata, a housing software provider managing housing portals for councils throughout the UK.

In response to the incident, Locata stated, “We identified an IT security incident impacting a small number of public-facing websites operated by Locata Housing Services on behalf of local authorities.” As a precautionary measure, Locata suspended the housing websites for Manchester, Salford, and Bolton councils to prevent further damage.

Authorities' Response

Local authorities have been alerted to the attack and are actively managing the situation. A spokesperson from Manchester City Council confirmed that the phishing site has been taken down, rendering the scam email link inactive. The council has reported the breach to the Information Commissioner’s Office (ICO), the UK’s data protection regulator, highlighting the severity of the cyber incident.

Impact on Manchester Move

The attack has also affected Manchester Move, a council-managed online platform for individuals seeking social housing in Manchester. Although the breach compromised only the public-facing part of the website, a “small amount of personal information” was exposed, according to a Manchester City Council spokesperson.

Currently, the Manchester Move website is offline, displaying a maintenance message that acknowledges the breach and phishing scam. The message advises residents, “Manchester Move would never request personal information using a link. If you think you might have clicked on something or given personal information away, please follow the steps below.” These steps align with guidance from the UK National Cyber Security Centre. The website will remain offline until officials are confident that users' personal information is secure.

Recommendations from Salford Council

The Salford Council, also affected by the attack, has provided a list of recommendations for residents who may have clicked on the phishing link:

Conclusion

This cyber-attack on Greater Manchester underscores the critical need for robust cybersecurity measures and vigilance against phishing scams. Authorities are working diligently to safeguard residents’ personal data and prevent future incidents. As cyber threats evolve, residents and organizations must remain alert and proactive in protecting their digital footprint, utilizing tools like darknet monitoring services, brand protection strategies, and digital threat scoring to enhance online safety.

About Foresiet!

Foresiet is the pioneering force in digital security solutions, offering the first integrated Digital Risk Protection SaaS platform. With 24x7x365 dark web monitoring and proactive threat intelligence, Foresiet safeguards against data breaches and intellectual property theft. Our robust suite includes brand protection, takedown services, and supply chain assessment, enhancing your organization's defense mechanisms. Attack surface management is a key component of our approach, ensuring comprehensive protection across all vulnerable points. Compliance is assured through adherence to ISO27001, NIST, GDPR, PCI, SOX, HIPAA, SAMA, CITC, and Third Party regulations. Additionally, our advanced antiphishing shield provides unparalleled protection against malicious emails. Trust Foresiet to empower your organization to navigate the digital landscape securely and confidently.