Dundee City Council says it has put in place extra mitigations to protect its IT systems after a “potential phishing email” was circulated from an employee address.
The email, which was sent to a number of internal and external addresses on Thursday, purported to share a PDF file containing information on the instrumental music service.
However Dundee City Council subsequently confirmed the employee’s email address had been hacked.
This resulted in users who had received the email being asked to change their account passwords as a precaution.
The council also circulated an internal email warning people of the breach and have put in place further mitigations to “safeguard” their operations.
‘Full confidence’ in council response
Phishing is a method used by cyber attackers in an attempt to steal confidential personal and corporate information.
It usually involves tricking users into doing ‘the wrong thing’, such as clicking a bad link that will download malware or directing them to a dodgy website.
Liberal Democrat councillor Fraser Macpherson, who represents the West End ward, said he had full confidence in the council’s IT department who acted quickly to stop the threat.
He said: “I received this particular email as well.
“Any large organisation with thousands of email accounts and massive traffic from both internal and external sources is often going to get phishing attempts.
“But I have great deal of confidence in the IT service of the council and they get on top of things very quickly.
“Very few of these type of emails get through because of their expertise.”
A spokesperson for the local authority said: “The Council is aware of the potential phishing email which was circulated on Thursday.
“There has been no wider compromise of our IT system detected.
“As a precaution further mitigation has been put in place by IT staff to safeguard the council.”
Conversation