We are aware of a cyber incident affecting IT services within the Diocese of Liverpool and Liverpool Cathedral.
This incident is the result of unauthorised and criminal activity. We are working closely with IT specialists and partner agencies, including Merseyside Police and Action Fraud, to investigate and resolve the issue as quickly as possible.
Initial findings indicate this involved what has been described as a ‘brute force’ attack. We have taken immediate steps to secure our systems and have reported the incident to the Information Commissioner’s Office and the Charity Commission.
We are working to identify and contact those who may be affected as an absolute priority. If you have any concerns, please contact: enquiries@liverpool.anglican.org. This inbox is being monitored carefully, and all enquiries will be handled sensitively.
We will share further updates as more information becomes available.
Please find some useful links below which is national guidance from NCSC on Cyber Protection Tips, advice and guidance, these are great free resources and worthy of have a look through the webpages.
https://www.ncsc.gov.uk/cyberaware
https://www.ncsc.gov.uk/section/information-for/individuals-families
https://www.ncsc.gov.uk/guidance/social-media-how-to-use-it-safely
Another great webpage which you may wish to look at is the below – Have I been pwned – This allows you to put in your email address and let you see if any of your Emails or Passwords have been compromised in the past, this also allows you to check your passwords and identify if they have been breached.
If you receive suspicious Emails that you believe are phishing emails, we suggest that you report the email you received to the NCSC suspicious email reporting service (SERS) which you can find the link below. This will allow us to build up the intelligence picture and prevent this from happening to anyone else:
https://www.ncsc.gov.uk/information/report-suspicious-emails
Any suspicious ‘phishing’ or scam emails you may receive, can be forwarded to report@phishing.gov.uk
The below link from the National Cyber Security Centre details password managers:
https://www.ncsc.gov.uk/blog-post/what-does-ncsc-think-password-managers
This site has step by step guides on how to enable ‘multi factor authentication’. It is a security feature on various sites that you may use to make them more secure:
https://docs.microsoft.com/en-GB/azure/active-directory/user-help/user-help-auth-app-overview
Here is information on 2FA security for both for both ‘Apple’ and ‘Google’ and an application setup site:
APPLE USER – https://support.apple.com/en-gb/HT204915
GOOGLE USER – https://www.google.com/landing/2step/
