iStockGlasgow City Council has issued a warning over a parking fine scam amid an ongoing cyber attack.
The local authority was alerted to malicious activity on servers managed by a third-party supplier on June 19.
Affected servers have been taken offline, leaving several services unavailable, including planning applications, paying parking or bus lane fines, and ordering certificates.
Household schedules for bin collections, permits, and complaints are also impacted.
The council has now said it is aware of what appear to be scam text messages, directing recipients to pay outstanding parking fines online.
The suspicious messages do not mention Glasgow or any other location but have been received by at least some people in the city and elsewhere in the city region.
Council officials say the cybersecurity incident is ongoing, but that they are confident the attack does not involve stolen data.
It was previously confirmed that no financial systems have been affected, and no details of bank accounts or credit/debit cards processed by those systems have been compromised.
Police Scotland, the Scottish Cyber Coordination Centre (SC3), and the National Cyber Security Centre are working alongside the council to investigate the incident.
Security specialists have confirmed that the incident was not caused by email, and that email communication with the council remains safe.
North Lanarkshire Council and East Dunbartonshire Council are also both impacted by the cyber incident, as they both use Glasgow City Council’s payment portal for parking fines and appeals.
A Glasgow City Council spokesperson said: “We are investigating these texts as a matter of urgency, and details of the suspicious messages have been shared with police and the national cyber security teams that are assisting us.
“At this stage, while we can’t totally discount that this scam involves stolen data – both we and our partners are confident it does not.
“Rather, early indications are that is far more likely to be the work of either opportunistic criminals, trying to exploit the disruption to our normal online services, or a more widespread scam.
“In the meantime, we would like to assure customers that we do not use text messages to chase payment of parking fines.
“We will never call, email or message you asking for banking details – and, if you do need to pay a parking penalty, you can do so by calling the number displayed on the PCN.
“Glasgow is still working alongside Police Scotland, the Scottish Cyber Co-ordination Centre and the National Cyber Security Centre to establish whether any data was stolen during a cybersecurity incident discovered last week.
“If you are contacted by someone claiming to have your data, you should contact Police Scotland on 101.”
A spokesperson for North Lanarkshire Council added: “North Lanarkshire Council has been impacted as Glasgow City Council processes penalty charge notices for parking fines and appeals, on our behalf. No other online services are affected.”
Ann Davie, chief Executive, East Dunbartonshire Council commented: “While we have not been directly impacted by today’s incident, East Dunbartonshire Council does use Glasgow City Council’s Parking Penalty Charge Notice payment portal which has been affected in the ongoing cyber incident.
“As a result, we are in contact with Glasgow City Council to better understand the situation.”
The council’s IT provider CGI said: “CGI is working closely with Glasgow City Council and the relevant authorities on this incident.
“We take our cybersecurity obligations seriously and have robust protocols in place to identify, investigate, and remediate incidents to support business continuity for our clients.”
Follow STV News on WhatsApp
Scan the QR code on your mobile device for all the latest news from around the country
