Oxford City Council in the United Kingdom (UK) is notifying current and former employees that their personal information was likely compromised in a recent cyberattack.
The incident, the council says, occurred over the weekend of June 7 and 8, when it detected suspicious activity within its network.
“Our automated security systems kicked in, removed the presence and minimized the access the attackers had to our systems and databases,” the council said in an incident notice.
Oxford City Council took down core systems to perform security checks, which resulted in service disruptions over the past week.
Most of the impacted systems have been restored and the remaining ones should be back online this week, it says.
The attack, the council says, resulted in threat actors accessing historic data on legacy systems, and in certain personal information being compromised.
“We have now identified that people who worked on Oxford City Council-administered elections between 2001 and 2022, including poll station workers and ballot counters, may have had some personal details accessed,” the council announced.
The impacted individuals, current and former council officers, have been contacted individually, the council says, adding that it has no evidence that the compromised information was leaked.
“Investigations continue to identify as precisely as we can what was accessed and what, if anything, might have been taken out of our systems. There is no evidence of a mass download or extraction of data,” the council said.
Oxford City Council says it has taken steps to prevent further unauthorized access to its network, and contacted the relevant government authorities and law enforcement.
Related: Data Breach at Healthcare Services Firm Episource Impacts 5.4 Million People
Related: Asheville Eye Associates Says 147,000 Impacted by Data Breach
Related: Lee Enterprises Says 40,000 Hit by Ransomware-Caused Data Breach
