Eighteen months after the data breach at Gloucester City Council, the results of a full investigation have been revealed. 

In a statement by Jon McGinty, the council's managing director, the findings revealed how the attack in 2021 "caused damage to the council's network and online services with several systems having to be taken offline".

Mr McGinty added: "The council worked with the National Crime Agency and the National Cyber Security Centre, part of GCHQ, as well as informing the Information Commissioner's Office to minimise any further risks.

"The city council has been working with cyber incident response experts to investigate the extent of the incident and wants to advise residents that some personal information may have been taken."

While some data the city council holds about residents may have been accessed during the cyber incident, to date, he said, "nothing taken has been published online and, based on advice received from law enforcement agencies, they believe that it is now unlikely that it will be".

However, Lib Dem group leader, cllr Jeremy Hilton hit out at the time taken to issue news about the attack – and said it left questions unanswered.

Cllr Hinton said: "I was shocked to hear the news today that the personal data of many citizens was compromised by (the December 21st) cyber attack. Especially so, as the city council Conservative administration had refused to confirm or deny that personal data had been captured by the hackers.

"Now 18 months later the council cabinet member and managing director have finally confirmed that many Gloucester residents had their personal data stolen by these cyber criminals.

"The council leadership has many questions to answer. Have they for example known that personal information was compromised from day one and why didn't they tell the public straight away?"

In the council's full official statement, Mr McGinty pointed to how several organisations had been affected.

It stated: "Earlier this year, the government-sanctioned seven individuals associated with the criminal group thought to be involved in this incident, which was also behind attacks on several other organisations including hospitals, schools, businesses and other local authorities."

Due to the multi-national action being taken against individuals connected with the group suspected of carrying out this attack, and following advice received from national law enforcement agencies, the council believes "it is now unlikely any information taken will be published". 

"The National Crime Agency continues to scan for stolen information released on the internet and, if the city council is informed that any information taken during this incident is published in the future, we would then notify individuals affected."

Most council systems, such as the Report It service, which allows issues like fly-tipping to be flagged, and the Local Land Charge service used to carry out searches for prospective homeowners, are now said to be up and running. 

"This has been a challenging period and I want to thank our residents for their patience and understanding; I also want to thank our staff for their hard work keeping services to the public going during this period of recovery.

Mr McGinty said he also shared "the annoyance of the public that we were targeted in this way; this criminal group targeted our council amongst other private and public sector organisations to disrupt our public services to extort a ransom payment from the council.

"I am sorry for any concern this announcement may cause residents and members of the public but would like to emphasise this occurred in December 2021 and based on advice received from our national law enforcement partners, the council believes that it is unlikely that any information taken will be released in the future."

In February 2023, the UK Government took action against individuals connected with the criminal gang suspected of carrying out this attack. 

Punchline-Gloucester.com has closely followed this story and reported an update last autumn.