Introduction
Oxford City Council recently experienced a cybersecurity incident that compromised personal data of employees involved in elections from 2001 to 2022. This breach highlights vulnerabilities in legacy systems and underscores the need for enhanced cybersecurity measures.
Description
Oxford City Council is currently investigating a cybersecurity incident that occurred over the weekend of June 7 and 8, 2025, during which hackers accessed personal data of employees involved in elections administered by the Council from 2001 to 2022. The attackers gained unauthorized access to legacy systems [6], compromising 21 years of historical data [8], primarily affecting current and former council officers [2] [4], including poll station workers and ballot counters [1] [3] [4] [6] [7]. Upon detecting the unauthorized presence within the network, the Council’s automated security measures were activated [7], successfully removing the intruder and minimizing access to council databases.
The breach disrupted various ICT services, necessitating temporary shutdowns of main systems for cleanup and thorough security checks conducted by external cybersecurity specialists. Fortunately, there is currently no evidence that the accessed information has been leaked or shared with unauthorized third parties, nor is there any indication of a mass data extraction during the incident. The Council has proactively contacted affected individuals, providing them with information and support resources regarding the situation. As of June 19, most services have been restored and are safe to use [8], although some technical issues remain [8].
In response to the breach, the Council is implementing enhanced cybersecurity measures [6], including the decommissioning of legacy systems, advanced network segmentation [5], timely software updates [6], encryption of archived data [6], and continuous staff training to prevent further unauthorized access. The incident has been reported to relevant government authorities and law enforcement [1] [2] [3], including the UK’s Information Commissioner’s Office (ICO) [6]. The Council has expressed that the breach is “deeply regrettable,” apologizing for any service disruptions while the systems were assessed.
Ongoing investigations aim to ascertain the specifics of the data accessed and to prevent future incidents. This incident underscores vulnerabilities in legacy infrastructure and raises concerns about the Council’s data retention and protection practices, particularly regarding the integrity of electoral infrastructure [6]. It has expedited plans for digital modernization within the Council, reinforcing its commitment to transparency and public trust as it manages the aftermath of the breach [3]. The incident serves as a wake-up call for other councils and public institutions to audit their digital archives and allocate resources toward proactive cybersecurity investments [6], as cyberattacks targeting municipal governments are anticipated to rise [6], with legacy systems becoming primary targets [6].
Conclusion
The cybersecurity breach at Oxford City Council has prompted immediate action to enhance digital security and protect sensitive data. By decommissioning outdated systems and implementing advanced security protocols, the Council aims to prevent future incidents. This event serves as a critical reminder for public institutions to prioritize cybersecurity, ensuring the integrity and trustworthiness of their digital infrastructure.
References
[1] https://www.infosecurity-magazine.com/news/personal-data-oxford-council/
[2] https://gbhackers.com/oxford-city-council-hit-by-cyberattack/
[3] https://thecyberexpress.com/oxford-city-council-cyberattack/
[4] https://www.bbc.com/news/articles/c2k1dyql37ko
[5] https://cyberpress.org/oxford-city-council-faces-data-breach-as-hackers-access-personal-information-of-staff/
[6] https://undercodenews.com/oxford-city-council-cyberattack-legacy-system-breach-exposes-personal-data/
[7] https://insight.scmagazineuk.com/oxford-council-investigates-cyber-incident-breach-of-legacy-data
[8] https://www.freevacy.com/news/the-register/oxford-city-council-cyberattack-exposes-21-years-of-election-data/6488
