Housing provider toughens web security after 'organised crime' cyber attack
Hackers targeted cloud computer company Blackbaud that supplies software used by the UEA to keep in touch with its alumni and supporters. Picture: Getty Images - Credit: Getty Images/iStockphoto
A housing provider says it has beefed up its online security after a "sophisticated" cyber attack prompted fears that customers' data could be leaked.
Flagship Group, based in Norwich, revealed a “major IT incident” had occurred on Sunday, November 1.
The attack, which left many of the company's systems offline, is believed to have been caused by ransomware known as Sodinokibi, via a suspected phishing attack.
The incident was reported to the Regulator of Social Housing, the National Cyber Security Centre (NCSC) and the Information Commissioner's Office (ICO).
At Breckland Council's Overview and Scrutiny Committee on January 14, Flagship's chief financial officer David Armstrong said an investigation was still in the "early stages", but there is no evidence of loss of personal data.
You may also want to watch:
He said: "Flagship was the subject of a professionally organised crime ransomware attack and at this stage, we have got no evidence of loss of personal data.
"Fortunately for us and unfortunately for them, our monitoring alert system flashed up that there was some unusual activity on the network and our IT team were able to force a rapid shutdown of all of our systems and networks, which meant that we were able to protect our back-up data and eject the criminals before they destroyed all the evidence of their activity.
Most Read
- 1 Norfolk's first mass Covid vaccination centre to open in food court
- 2 Stunning images capture Cromer in the snow
- 3 'Anti-social rider' has quadbike seized in the snow
- 4 Norfolk wakes up to snow with more expected to fall
- 5 Floral tributes left to driver killed in A148 crash
- 6 Jailed in Norfolk: Burglars, domestic abuse and threats to kill
- 7 Are you in our Norfolk school photos from the 1970s?
- 8 Driver escapes serious injury after 4x4 flips onto roof
- 9 Drivers face non-essential travel fines after spate of snow crashes
- 10 Man in 20s dies and three hurt as Audi crashes into wall
"After the incident, we employed a cyber specialist team to help us with the recovery process.
"We also employed a second professional group of cybersecurity specialists who are performing the forensic investigation for us."
Flagship Group owns some 31,000 homes in the East of England and employs 1,200 people in its facilities, repairs, maintenance and heating departments.
After the attack, believed to have originated from "a separate continent to the East", the group has issued staff training in the form of fake phishing emails, migrated its servers to a cloud-based system with a "host of additional security measures" and brought in multi-factor identification.
They also offered all staff and customers a free 12-month subscription to a fraud and web monitoring service which 495 members of staff and 1,028 customers have taken up the offer of.
Mr Armstrong said: "A cyber attack is a very worrying time for anybody who is a customer or indeed staff.
"These two projects have been a key part of our recovery plan and will help protect us even more going forward, but no system is going to be 100pc secure."