The Scottish Environment Protection Agency (SEPA) is continuing to deal with the cyber attack which was identified on Christmas Eve.

1.2GB of data has been stolen.

Terry A’Hearn, Chief Executive of SEPA, said:

 “Whilst having moved quickly to isolate our systems, cyber security specialists, working with SEPA, Scottish Government, Police Scotland and the National Cyber Security Centre have now confirmed the significance of the ongoing incident.

“Partners have confirmed that SEPA remains subject to an ongoing ransomware attack likely to be by international serious and organised cyber-crime groups intent on disrupting public services and extorting public funds.” 

What is now clear is that with infected systems isolated, recovery may take a significant period.

A number of SEPA systems will remain badly affected for some time, with new systems required. 

Email systems remain impacted and offline. 

Information submitted to SEPA by email since Christmas Eve is not currently accessible and whilst online pollution and enquiry reporting has now been restored, information submitted in the early stages of the attack is currently not accessible.

Terry A’Hearn, continued:

“Work continues by cyber security specialists to seek to identify what the stolen data was.  Whilst we don’t know and may never know the full detail of the 1.2 GB of information stolen, what we know is that early indications suggest that the theft of information related to a number of business areas.  Some of the information stolen will have been publicly available, whilst some will not have been.”

Information included:

• Business information: Information such as, but perhaps not restricted to, publicly available regulated site permits, authorisations and enforcement notices.  Some information related to SEPA corporate plans, priorities and change programmes.
  
• Procurement information: Information such as, but perhaps not restricted to, publicly available procurement awards.
  
• Project information: Information related to our commercial work with international partners.
  
• Staff information: Personal information relating to SEPA staff.

“Staff members affected to date have been notified, are being supported and are being given access to specialist advice and services. Support, including specialist advice from Police Scotland and mitigation services, is also being offered to staff across the organisation.”