The Communications Workers Union (CWU) has confirmed that it is still working to restore its IT systems after being compromised by a massive cyber attack last month.
In a statement, the Union revealed it was working to restore its IT systems after being hit by the debilitating cyber attack and that some union member data was held within the targeted systems.
"As a trade union, the CWU holds data and information on all members. This includes the fact that you are a member of a trade union, names, addresses, email addresses, and mobile phone numbers," the CWU wrote in an updated blog post.
"For members that pay union fees by Direct Debit, we will hold bank information also (bank name, account number and sort code). At this stage, we cannot rule out these information types having been accessed and we are therefore writing to inform you of this and advise on security steps to take."
The CWU is the main trade union in the United Kingdom for people working in the communications sector. Royal Mail and the Post Office are major employers represented by the CWU but also include some telecoms workers in companies including BT, O2, Sky, and multiple media organizations.
The recent disruption to the Communication Workers Union's (CWU) IT systems was initially believed to be a technical hiccup. This included issues faced by email as well as IT systems. However, the CWU confirmed the issue is now being treated as a cyber attack.
'Digital forensic analysis'
The CWU has informed the Information Commissioner's Office and has updated their members where possible, but the IT Systems that allow for company emails remain down.
Specialized cybersecurity advisors have been brought in to investigate the CWU cyber attack and assess the damage.
They are currently working on ‘digital forensic analysis’ and will then determine “what the next steps are and establish timelines to restore the union’s IT infrastructure”. This team will remain on site as the issue is resolved. No individual hacker or hacking group has yet claimed responsibility.
A data breach at the CWU, which represents 185,000 workers, could be particularly serious due to the volume and potentially sensitive nature of the information involved.
A series of union attacks
The CWU aren’t the only trade union to face a cyber attack this week, with the Financial Times reporting that Aslef, Britain’s trade union for train drivers, has ‘suffered from a cyber attack this week. Reports cite ‘a malicious attempt that disrupted the union’s website was reported in recent week.’
The CWU cyber attack incident serves as a stark reminder of and the importance of robust cybersecurity measures for organizations like trade unions.
Read: Paws Off! Pet Data at Risk in CVS Group Cyber Attack
By implementing strong security protocols, regularly reviewing and updating defences, and educating members about cybersecurity best practices, organizations like the CWU can help minimize the risk of future attacks and protect the valuable data entrusted to them.