Updated - 23rd May 14.45
On the 2nd April at 1:30am Kent Commercial Services, wholly owned by Kent County Council, suffered a ransomware attack and took down their website.
The company sells and brokers in excess of £600m per annum to individuals, schools across the UK, care homes across England, recruitment of staff in Kent and other Tier 1 and Tier 2 councils across the country.
Ransom malware, or ransomware, is a type of malware that prevents users from accessing their system or personal files and demands ransom payment in order to regain access. The earliest variants of ransomware were developed in the late 1980s, and payment was to be sent via snail mail. Today, ransomware authors order that payment be sent via cryptocurrency or credit card.
The two companies which make up KCC Commercial Services Group, wholly owned by KCC, are:
“Kent Commercial Services (KCS) have headquarters and warehousing facilities based near Maidstone in Kent. It employs close to 700 people, selling and brokering in excess of £600m per annum. It is pre-eminent in Education Supplies (Kent County Supplies & Abacus Education Supplies), Energy (LASER & Lumina), Recruitment (Connect2Staff) plus selected Operational Services markets, providing a wide range of quality products and services at competitive prices to both public and private sector customers.”
Kent County Council informed the Information Commissioner’s Office at the earliest opportunity and five days later, on the 7th April, KCS announced in a letter to its suppliers and customers:
About the incident – We appreciate you’re going to have questions and concerns relating to this data incident, and we will do our best to explain the current situation, what happened and why. Commercial Services Group (CSG) is conducting an investigation and we believe the following event led to the data security incident in question:
• IT Systems suffered a major failure at 1:30am on Thursday 2nd April 2020.
• Failure caused by a ransomware attack.
We regret to inform you that Commercial Services Group has discovered a breach in our systems that may expose the business data we control and process.
The letter issued goes on to say:
This business data may contain financial data and commercial data relating to your business and our agreements/contracts and may contain personal contact details relating to your employees. We have notified the Information Commissioner’s Office (ICO), the National Cyber Security Centre (the NCSC) and Action Fraud (the National Fraud & Cyber Crime Reporting Centre) about this incident and we are working with our cyber security experts to minimise any further risk posed to you by this incident.
It goes on to say:
As a result of this data breach, we would recommend you take the following actions as soon as possible to further protect your business from additional risks associated with this incident:
Do not respond to any emails received from Commercial Services email accounts.
Update all portal/online website passwords used for accessing our business systems.
Contact your bank immediately if you discover any unusual activity on your account.
If you do have any concerns or questions, our DPO has set up a new gmail account, and you can email our DPO at email@example.com
The full letter KCS sent out to all its suppliers/customers can be found here:
“Cyber crime can bring down an entire business, whether that is stolen intellectual property, commercially sensitive information or operational data that can be encrypted by malware and held to ransom.
“That is why we have taken this action – to help protect Kent businesses from falling foul of this type of criminal activity.”
At the time of publication Kent County Council have been asked for a comment but no response has been received.
The Shepwayvox Team
Not owned by Hedgefunds or Barons