UPDATE: Kensington and Chelsea Council has urgently contacted 100,000 households after a significant cyber attack potentially compromised personal data. The attack occurred in November 2025 and is believed to have been executed “with criminal intent,” prompting the council to take immediate action to protect residents.
Residents are being advised to adhere to guidelines from the National Cyber Security Centre as authorities warn that the stolen data could be exploited by criminals to facilitate scams. The council’s website states that the attack was swiftly detected and contained, but it is believed that sensitive information may have been accessed.
Officials have urged residents to remain vigilant against unexpected calls, messages, or links, particularly from anyone impersonating council officials seeking sensitive details. A statement from the council reads,
“It is possible that any data copied and taken from us could be misused or published. We are planning accordingly for this, working with law enforcement at every step.”
The cybersecurity team at Kensington and Chelsea Council has prioritized reviewing files associated with vulnerable individuals. However, they caution that a thorough assessment could take months. The council is collaborating with both Westminster City Council and Hammersmith and Fulham Council, as they share services that were impacted during the breach.
This incident highlights the growing threat of cyber attacks against public sector bodies. In 2024, local governments reported over 150 incidents to the Information Commissioner’s Office. Kensington and Chelsea Council battles cybercrime daily, having intercepted over 113,000 phishing attempts between June and September 2025. The council allocates £12 million annually to bolster IT and security systems.
As a direct result of this breach, some services remain disrupted, with officials warning that restoring all systems securely will take time. In a related incident, Westminster City Council has advised staff to exercise caution while using Microsoft Teams, following reports of targeted attacks via the platform. An internal memo has alerted employees to avoid unexpected calls or meeting invitations, ensuring they safeguard their communications.
The urgency of this situation cannot be overstated. Residents of Kensington and Chelsea are encouraged to stay alert and report any suspicious activity. Authorities are closely monitoring the situation and will provide updates as new information becomes available.
Stay informed and share this important information with your community to help protect against potential cyber threats.
