Oxford City Council has confirmed a data breach after threat actors accessed personally identifiable information (PII) stored on legacy systems, affecting past and present Council staff.
The breach was disclosed in an official statement on the Council’s website, where the authority revealed that attackers had gained unauthorized access to historical data, including information related to individuals involved in Council-run elections between 2001 and 2022, such as poll station workers and ballot counters.
“Unfortunately, the attackers were able to access some historic data on legacy systems,” the statement read. “We have now identified that people who worked on Oxford City Council-administered elections… may have had some personal details accessed.”
The incident also triggered ICT service disruptions, some of which are still being resolved, though the majority of systems have reportedly been restored. The breach has not impacted citizen data, according to initial findings, and no evidence of mass data extraction or further dissemination has been identified so far.
Oxford City Council, which serves approximately 155,000 residents, is a key local authority responsible for managing services such as housing, planning, waste collection, and elections. Due to Oxford’s global prominence in education and research, the council’s operational security remains of significant public concern.
Affected individuals are being notified directly, with support and guidance on potential risks. The Council also confirmed that law enforcement and government cyber authorities have been notified, and security measures are being enhanced to prevent future incidents.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
