UK trade unions hit by spate of cyber attacks

Two UK trade unions have fallen victim to cyber attacks within the past month, as hackers seek to target valuable data about their staff and tens of thousands of members.

The Communications Workers Union is working to restore its IT systems after being hit by a debilitating cyber attack, the CWU confirmed. The union is one of the largest, representing around 185,000 employees in the tech, telecoms, banking and financial services industries,

Some union member data was held within the targeted systems, they added. The CWU does not yet know if personal data was stolen in the March attack and the identity of the hackers is unknown. 

Aslef, Britain’s trade union for train drivers with 21,000 members, has also suffered from a cyber attack, according to an Aslef executive. A malicious attempt that disrupted the union’s website was reported in recent weeks.

The person said the hackers had not asked for money and that it appeared to be a phishing attempt for members’ data. No evidence indicated it was politically motivated, they added, or that any data had been taken.

The CWU has since advised members to be vigilant against the risk of phishing emails, while security experts work on a digital forensic analysis to determine precisely what had occurred.

This would also help establish when the union’s IT infrastructure can be fully restored, a CWU spokesperson said.

The attack on the CWU came with a demand for a ransom, which the union has refused to pay, according to a person close to the matter.

Companies that employ CWU members include BT, Google, Apple, EE, Virgin Media O2 and Microsoft — groups at the vanguard of cyber protection. 

The Information Commissioner’s Office, which polices data breaches, has been informed of the breach and the union has drafted in specialist cyber security advisers.

The TUC, the umbrella body for the UK union movement, has updated its guidance on cyber security. It said: “For unions, who maintain a large collection of highly sensitive personal data in their membership records, good cyber security has become essential.” 

The guidance added: “Any breach would result in not just a hefty fine, but also a damaging blow to both the reputation of the union and the trust of the membership.”

The TUC’s own website was also compromised last month in an apparently unlinked cyber attack on a separate company, which used the same web developer as the national trade union centre.

A spokesperson for the TUC said its website was briefly unavailable on Thursday, March 28 as a result of a distributed denial-of-service (DDoS) attack on “another client”, which was not a union but was hosted by the same web developers as the TUC.

DDoS attacks are designed to disrupt websites or servers by overwhelming services with a deluge of requests.

“None of our systems were accessed and no personal data was compromised,” they said.