London boroughs limping back online months after cyberattack
(2026/01/23)
- Reference: 1769164497
- News link: https://www.theregister.co.uk/2026/01/23/landmark_milestone_as_hammersmith_fulham/
- Source link:
Hammersmith & Fulham Council says payments are now being processed as usual, two months after a cyberattack that affected multiple boroughs in the UK's capital city.
In a Thursday update, the West London borough confirmed online and telephone payments had resumed, though some council tax and housing rent account balances may not be current.
H&F urged suppliers to continue submitting invoices for work provided, as systems for paying them are now back online too, despite "a small backlog" that could delay payments.
[1]
The council's status page indicates most services are available, although some remain down, and those seeking support on the phone could face lengthy waits.
[2]
[3]
"A cybersecurity incident in a neighboring council last November affected some shared legacy H&F systems," the notice states. "At the time of the attack, we quickly identified the risks and were able to successfully isolate and safeguard our network. Currently, there is no evidence of our H&F systems being compromised.
"We have introduced enhanced security measures and are carefully investigating the impacts on all systems and services, including any risks to historic data. As a precautionary measure, we temporarily suspended some public-facing applications. We apologize for this inconvenience."
[4]
According to the Local Government & Social Care Ombudsman, [5]the cyberattack impacted Westminster City and Kensington and Chelsea councils, with H&F also affected.
[6]Scottish council still rebuilding systems two years after ransomware attack
[7]Birmingham pauses Oracle relaunch to get staff on board
[8]Glasgow City Council online services crippled following cyberattack
[9]Attack on Oxford City Council exposes 21 years of election worker data
[10]Scottish council admits ransomware crooks stole school data
Westminster City Council faces more severe disruptions. Direct debits won't resume until after January at the earliest, and missed payments will be spread across remaining months of the financial year, resulting in larger-than-normal bills. Residents cannot order birth, death, and marriage certificates, and school application forms, library cards, and free school meal applications remain unavailable.
The Royal Borough of Kensington & Chelsea - the only authority to confirm [11]the incident carried criminal intent and data compromise - still cannot process some residents' payments. The council tax team can't access systems or emails.
It warned the investigation into the attack remains ongoing, and a full system restoration may take months. "We continue to work closely with law enforcement and cybersecurity agencies here and internationally to investigate the incident.
"We understand this is a worrying situation, and we thank residents, local partners, and our own staff for their patience and cooperation."
[12]
The borough reported blocking over 113,000 phishing attempts between June and September 2025, noting UK councils face near-daily attacks.
The UK's NCSC, the cyber arm of the sigint agency GCHQ, warned this week that local authorities are among the primary targets for [13]pro-Russia hacktivist attacks that, while rarely sophisticated, can cause costly disruption. ®
Get our [14]Tech Resources
[1] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aXNU0CxKUgfwiUgmI0zb3AAAAkU&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aXNU0CxKUgfwiUgmI0zb3AAAAkU&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aXNU0CxKUgfwiUgmI0zb3AAAAkU&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aXNU0CxKUgfwiUgmI0zb3AAAAkU&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[5] https://www.theregister.com/2025/11/26/cyberattack_london_councils/
[6] https://www.theregister.com/2025/11/27/western_isles_ransomware_council/
[7] https://www.theregister.com/2026/01/13/birmingham_oracle_delay/
[8] https://www.theregister.com/2025/06/26/glasgow_city_council_cyberattack/
[9] https://www.theregister.com/2025/06/20/oxford_city_council_breach/
[10] https://www.theregister.com/2025/05/22/west_lothian_school_ransomware/
[11] https://www.theregister.com/2025/12/02/london_councils_data_breach/
[12] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aXNU0CxKUgfwiUgmI0zb3AAAAkU&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[13] https://www.theregister.com/2026/01/19/dont_underestimate_prorussia_hacktivists_warns/
[14] https://whitepapers.theregister.com/
In a Thursday update, the West London borough confirmed online and telephone payments had resumed, though some council tax and housing rent account balances may not be current.
H&F urged suppliers to continue submitting invoices for work provided, as systems for paying them are now back online too, despite "a small backlog" that could delay payments.
[1]
The council's status page indicates most services are available, although some remain down, and those seeking support on the phone could face lengthy waits.
[2]
[3]
"A cybersecurity incident in a neighboring council last November affected some shared legacy H&F systems," the notice states. "At the time of the attack, we quickly identified the risks and were able to successfully isolate and safeguard our network. Currently, there is no evidence of our H&F systems being compromised.
"We have introduced enhanced security measures and are carefully investigating the impacts on all systems and services, including any risks to historic data. As a precautionary measure, we temporarily suspended some public-facing applications. We apologize for this inconvenience."
[4]
According to the Local Government & Social Care Ombudsman, [5]the cyberattack impacted Westminster City and Kensington and Chelsea councils, with H&F also affected.
[6]Scottish council still rebuilding systems two years after ransomware attack
[7]Birmingham pauses Oracle relaunch to get staff on board
[8]Glasgow City Council online services crippled following cyberattack
[9]Attack on Oxford City Council exposes 21 years of election worker data
[10]Scottish council admits ransomware crooks stole school data
Westminster City Council faces more severe disruptions. Direct debits won't resume until after January at the earliest, and missed payments will be spread across remaining months of the financial year, resulting in larger-than-normal bills. Residents cannot order birth, death, and marriage certificates, and school application forms, library cards, and free school meal applications remain unavailable.
The Royal Borough of Kensington & Chelsea - the only authority to confirm [11]the incident carried criminal intent and data compromise - still cannot process some residents' payments. The council tax team can't access systems or emails.
It warned the investigation into the attack remains ongoing, and a full system restoration may take months. "We continue to work closely with law enforcement and cybersecurity agencies here and internationally to investigate the incident.
"We understand this is a worrying situation, and we thank residents, local partners, and our own staff for their patience and cooperation."
[12]
The borough reported blocking over 113,000 phishing attempts between June and September 2025, noting UK councils face near-daily attacks.
The UK's NCSC, the cyber arm of the sigint agency GCHQ, warned this week that local authorities are among the primary targets for [13]pro-Russia hacktivist attacks that, while rarely sophisticated, can cause costly disruption. ®
Get our [14]Tech Resources
[1] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aXNU0CxKUgfwiUgmI0zb3AAAAkU&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aXNU0CxKUgfwiUgmI0zb3AAAAkU&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aXNU0CxKUgfwiUgmI0zb3AAAAkU&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aXNU0CxKUgfwiUgmI0zb3AAAAkU&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[5] https://www.theregister.com/2025/11/26/cyberattack_london_councils/
[6] https://www.theregister.com/2025/11/27/western_isles_ransomware_council/
[7] https://www.theregister.com/2026/01/13/birmingham_oracle_delay/
[8] https://www.theregister.com/2025/06/26/glasgow_city_council_cyberattack/
[9] https://www.theregister.com/2025/06/20/oxford_city_council_breach/
[10] https://www.theregister.com/2025/05/22/west_lothian_school_ransomware/
[11] https://www.theregister.com/2025/12/02/london_councils_data_breach/
[12] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aXNU0CxKUgfwiUgmI0zb3AAAAkU&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[13] https://www.theregister.com/2026/01/19/dont_underestimate_prorussia_hacktivists_warns/
[14] https://whitepapers.theregister.com/