ao link
Twitter
Facebook
Linked In
Twitter
Facebook
Linked In

You are viewing 1 of your 1 free articles

Staff and tenants’ data compromised in cyber attack at 32,000-home housing association

Staff and residents’ personal data has been compromised in a cyber attack at a 32,000-home housing association based in East Anglia.

Linked InTwitterFacebookeCard
Picture: Getty
Picture: Getty
Sharelines

Staff and residents’ personal data has been compromised in a cyberattack at a 32,000-home housing association based in East Anglia #UKhousing

Flagship Group has confirmed that a “major IT incident” on Sunday, which took most of its systems offline and blighted services, was caused by hackers.

In a statement published to its website yesterday afternoon, Flagship said that despite “quick action” to take all its systems offline and “successful” attempts to stop the spread of the attack, “some personal customer and staff data has been compromised”.

“However, we are yet to have a complete picture of all the data that has been encrypted,” it added.

The cyber attack was caused by a ransomware known as Sodinokibi – the same outfit which demanded £4.6m from foreign exchange company Travelex following a hack on New Year’s Eve.

Residents and employees are being asked to “be cautious” when dealing with calls and emails, while Flagship has implemented extra security measures with an investigation ongoing.

In an FAQs document published this afternoon (attached below), Flagship issued advice for people to inform their banks of the attack and monitor their accounts.

The landlord said it has reported a crime to the police and notified the Information Commissioner’s Office, Action Fraud and the Regulator of Social Housing, as well as seeking advice from the National Cyber Security Centre and the National Crime Agency.

Flagship’s website was still down on Thursday morning.


READ MORE

Home Group contacts 4,000 tenants about ‘possible data vulnerability’Home Group contacts 4,000 tenants about ‘possible data vulnerability’
Scottish regulator warns of coronavirus-themed cyber crime after attack against landlordScottish regulator warns of coronavirus-themed cyber crime after attack against landlord
The big data dilemma: how housing associations are tackling new data protection challengesThe big data dilemma: how housing associations are tackling new data protection challenges

David McQuade, chief executive of Flagship, said: “We take the privacy and security of our customer and staff data very seriously, and we’re very sorry that it has been compromised.

“Over the past few days, the incident has caused considerable disruption to staff and customer services, and we are concentrating on emergency situations to ensure our customers are safe.

“Our teams are working tirelessly around the clock to bring our systems back online, and we apologise for any inconvenience this may have caused.”

The cyber attack on Flagship is the latest in a series against the social housing sector.

In October, the Chartered Institute of Housing was affected, while Red Kite Community Housing was defrauded out of nearly £1m after falling victim to a cyber scam last year.

Earlier this year, the Scottish Housing Regulator warned landlords about the threat of coronavirus-themed cyber attacks after one housing association was hit by a ransomware attack and others were targeted with phishing email campaigns.


Related Files

IT Incident - Customer FAQs.pdfPDF, 59 KB

Update: at 12.56pm, 05/11/20 information about FAQs released by Flagship was added to the story.

Sign up for our legal and regulation newsletter

Sign up for our legal and regulation newsletter
Linked InTwitterFacebookeCard
Add New Comment
You must be logged in to comment.