Glasgow City Council, Scotland’s largest local authority, has been battling a significant cyber incident that began on June 19, 2025, causing widespread disruption to its online services and raising concerns about potential data compromise. The attack originated within a third-party supplier’s servers, highlighting the growing vulnerability of complex digital supply chains.

The incident came to light when the Council’s primary ICT supplier, CGI, detected malicious activity on servers managed by one of its sub-contractors. In response, the affected servers were swiftly isolated from the Council’s wider network and taken offline as a precautionary measure. While this action protected the core infrastructure, it inevitably led to the disruption of numerous day-to-day digital and online services for Glasgow residents.

Impact on Public Services:

The cyber incident has affected a range of crucial public services, causing inconvenience and anxiety for citizens. Initially impacted services included:

• Planning Applications: Online access to view and submit planning applications was unavailable.
• Parking and Bus Lane Penalties: Residents were unable to pay fines or access contravention evidence online.
• Strathclyde Pension Fund: Members experienced issues accessing their online portal.
• Registrar Services: Online booking for appointments (e.g., for births, marriages, deaths) and ordering certificates was disrupted.
• Freedom of Information Requests: The online form for submitting FOI requests was temporarily unavailable.
• Property Enquiry Certificates: Online search for statutory notices was affected.

The Council has been working diligently to restore services, bringing some back online through temporary measures and by safely migrating others to new servers. As of early July, the Strathclyde Pension Fund portal and Freedom of Information requests were restored, and access to the public planning portal has also since come back online. However, some services, such as online certificate ordering and full functionality for parking penalty payments, remain partially affected.

Data Concerns and Investigations:

While Glasgow City Council has stated that joint investigations have not yet found evidence of data being encrypted or exfiltrated (stolen), they are operating with an abundance of caution. Until a full forensic examination of the affected servers is complete, the Council is working on the presumption that data, which may include customer data from affected online forms, may have been lost.

Crucially, the Council has reassured residents that no financial systems were affected in the attack, and no bank account or credit/debit card details processed by these systems have been compromised.

An extensive investigation is currently underway, involving Police Scotland, the Scottish Cyber Coordination Centre (SC3), and the National Cyber Security Centre (NCSC). The Council has also been working with independent experts to monitor online activity for any signs of leaked or misused data. The Information Commissioner’s Office (ICO) has been notified of the potential data breach.

Advice for Residents:

Glasgow City Council has issued a strong warning to residents to be vigilant against potential phishing attempts. They advise:

• Be particularly cautious if contacted by someone claiming to have your data, especially if you have used any of the affected online forms.
• If you are contacted by someone making such claims, immediately contact Police Scotland on 101.
• The Council emphasizes that email communication with the Council remains safe, but residents should always be suspicious of any email asking for bank account details, passwords, or other secure information, as the Council will never ask for such details via email.
• Individuals can also refer to the NCSC’s advice and guidance on data breaches.

This incident is the latest in a concerning trend of cyberattacks targeting local authorities and public sector organizations across the UK. It underscores the critical importance of robust cybersecurity measures, not just within an organization’s own infrastructure, but also across its entire supply chain and third-party vendor ecosystem. As the investigation continues, Glasgow City Council remains committed to restoring all services and providing updates to its citizens.