Criminal Records Service still disrupted 4 weeks after hack

The body that manages criminal records in the UK is still facing disruption nearly a month after a cyber-attack.

The Acro Criminal Records Office provides records to police, exchanges them internationally and processes certificates for people wishing to work with children or gain emigration visas.

It took its website and application portal offline, when the hack was detected, on 21 March.

Staff has been increased to deal with email applications but delays persist.

“We are working with the relevant authorities, including the National Cyber Security Centre, to investigate and remediate the incident,” an official said.

There was no “conclusive evidence” personal data had been compromised but investigations were “ongoing”.

On Twitter, customers said they were facing long delays, with many resorting to contacting the Acro Twitter account in the hope of securing their certificates.

John Gilday, in Scotland, told BBC News he had finally received his, so he could apply for a visa to work in Brazil, after three weeks of waiting – though his friend had received his much faster.

Rahim, in Leicester, however, who asked that his surname be withheld, told BBC News he was still waiting for his certificate, so he could get married in Morocco, and had no idea how long it would take as it was now impossible to check the status of his application.

“It’s pretty frustrating and annoying that the police are taking so long to recover from a cyber-attack,” he said.

In January, a ransomware attack led to weeks of disruption and delays to services at Royal Mail.

Hackers thought to be based in Russia reportedly demanded nearly $70m (£56m) to return computer services to normal – but Royal Mail refused.

A suspected ransomware attack by a separate gang with links to Russian cyber-criminal networks hit another big company, Capita, on 31 March.

Capita holds many public-service contracts, including providing:

A Capita official told BBC News: “We continue to work closely with specialist advisers and forensic experts in investigating the incident. We are in constant contact with all relevant regulators and authorities.

“Our investigations have not yet been able to confirm any evidence of customer, supplier or colleague data having been compromised. Once our investigations have concluded, we will if necessary inform any impacted parties.

“We have taken all appropriate steps to ensure the robustness of our systems and are confident in our ability to meet our service-delivery commitments.”

Capita says most client services remained in operation but has not issued an update on its website since 3 April.

And a criminal gang is advertising private information thought to have been be stolen in the hack.

The UK’s National Cyber Security Centre describes ransomware as a tier-one national-security threat, with attacks continuing to increase in scale and complexity.