View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 21, 2018

Yorkshire Council Application Accessed By Hacker of Unknown Hat

“This is a serious breach, with thousands of people having their personal data at put at risk”

By CBR Staff Writer

A hacker has accessed the data belonging to nearly 6,000 Yorkshire residents, by breaching a Yorkshire Council application.

The One Planet York application was designed to help residents in York find out the bin collection dates, while also providing recycling advice.

The city of York Council have stated that the application contained 5,994 records which stored information such as user phone numbers, addresses and encrypted passwords.

The council have sent a letter, obtained by the York Press, out to all users of the application to inform them of the breach stating that: “We have conducted a thorough review of the One Planet York app, we have deleted all links with the app and as a result, will no longer support it going forward.”

“We have deleted it from our website and asked for it to be removed from the app stores and ask that you now delete it from your device,” the letter advises.

Yorkshire Hack

It seems the council was informed of the breach by the threat actor themselves who contacted the council on the 1st of November. the council then promptly informed the North Yorkshire Police about the breach.

It is unclear if this hacker reported the vulnerability as part of a malicious endeavor or was simply wearing their white hat for the day.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

The application was isolated from council system so the breach seems to be limited to the One Planet York application.

See Also: Parliament Tears Into National Cyber Security Programme, Calls for Audit

Commenting in an emailed statement to Computer Business Review Martin Thorpe Enterprise Security Architect at Venafi said that: “This is a serious breach, with thousands of people having their personal data at put at risk.”

“Unfortunately, hacks of these kind are rising year on year though; York is certainly not alone. There are now over 15.5 billion apps in the UK, often containing very personal information – from health data to financials. Yet developers are often more focused on features and usability than on security. In a bid to increase speed to market, developers are prioritising convenience and failing to build security in from the ground up.”

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.