Issue - meetings

Flagship - Cyber Attack

Meeting: 14/01/2021 - Overview and Scrutiny Commission (Item 10)

Flagship - Cyber Attack

As a follow-up to the meeting held on 3 December 2020, Mr Adrian Barber, Managing Director (Victory Housing), Flagship will be in attendance to respond to issues arisen from their substantial data leak.


To consider the following Call for Action received from Councillor Tim Birt and Councillor David Wickerson:


Please could we request Flagship to attend a meeting to explain issues which have arisen from their substantial data leak. We have heard from a few tenants who have been left concerned and in the dark about consequences this serious issue.

Opening questions for Flagship:

  1. What happened and when?
  2. What data and how much data was compromised?
  3. Who copied the data?
  4. What action has been taken to fix leak?
  5. What action has been taken to protect tenants from the consequences, both short and long term?
  6. How are all tenants being kept informed?
  7. What is being done to help those suffering stress, especially those with mental health issues?



The Chief Financial officer of the Flagship Group, David Armstrong, clarified that there had not been a data leak and explained that Flagship had been the subject of a professional organised crime ransomware attack but there had been no evidence that personal data had been lost. On 1st November 2020, a gang of professional cyber criminals illegally gained access to the Flagship systems. Some ransomware software had been released which had been designed to encrypt the live and backup systems to effectively disable the Flagship operations, with the intention of forcing them to pay a ransom to regain access. It had been a highly sophisticated attack by a professional organisation.


Flagship had a monitoring alert system which alerted the attack, and the IT Team had forced a rapid shutdown of all networks and systems to protect the back-up data and eject the criminals before the criminal activity had been completed.


Unfortunately, the shutdown had left the IT service unavailable for a short period of time to enable a check and review of each system to be carried out and restored in line with their disaster recovery plan.  The customer frontline service had been the first to be restored gradually followed by the back-office systems.


Flagship had employed a number of cyber specialist teams, who performed forensic checks.


There had already been a number of systems in place to protect the information and as part of the restoration all systems were now ‘Cloud’ based.


Flagship had kept customers up to date as much as possible on the website and social media, and although there was no evidence that any data had been stolen, it was understandable that customers would have concerns and therefore all customers had been offered a 12-month subscription to Experion to assist with the monitoring of any unusual activity.


The investigation was still ongoing.


Councillor Birt felt that Flagship had acted quickly during this uncertain time and asked that once the investigation had been completed if any findings could be shared with Breckland Council.


Councillor Wickerson appreciated the steps taken by Flagship, everyone needed to be more vigilant as IT progressed so quickly, and it was important to look ahead to protect the data of residents.


Councillor Martin thanked Flagship for helping residents in respect of this matter and with the flooding issues.


The Chairman declared this Call for Action was now closed.  He thanked Flagship for attending the meeting and if any evidence was found, he would be grateful if they could be shared with Members.