The Black Basta ransomware gang has formally claimed responsibility for the cyberattack crippling multiple London boroughs. The group has posted samples of stolen data—including resident passport scans and council tax records—giving the councils 48 hours to pay before a full leak.
Business Impact
This confirms a massive data breach affecting potentially millions of citizens. The operational disruption has already halted housing transactions and social care payments. The leak of sensitive PII will lead to long-term identity theft risks for residents and severe regulatory fines for the councils.
Why It Happened
Black Basta likely exploited a shared service provider vulnerability (possibly the Oracle or Citrix flaws tracked recently) to laterally move across the interconnected networks of the different councils.
Recommended Executive Action
For public sector leaders: Review shared-service agreements for single points of failure. Ensure that “offline” backups are truly isolated from the network to prevent encryption during such cascading attacks.
Hashtags: #BlackBasta #Ransomware #London #DataBreach #PublicSector #Privacy #GDPR #InfoSec