A housing provider says it has beefed up its online security after a "sophisticated" cyber attack prompted fears that customers' data could be leaked.

Flagship Group, based in Norwich, revealed a “major IT incident” had occurred on Sunday, November 1.

The attack, which left many of the company's systems offline, is believed to have been caused by ransomware known as Sodinokibi, via a suspected phishing attack.

The incident was reported to the Regulator of Social Housing, the National Cyber Security Centre (NCSC) and the Information Commissioner's Office (ICO).

At Breckland Council's Overview and Scrutiny Committee on January 14, Flagship's chief financial officer David Armstrong said an investigation was still in the "early stages", but there is no evidence of loss of personal data.

%image(14525295, type="article-full", alt="At Breckland Council's Overview and Scrutiny Committee on January 14, Flagship's chief financial officer David Armstrong, said the findings of their investigation was still in the "early stages", but there is no evidence of loss of personal data.")

He said: "Flagship was the subject of a professionally organised crime ransomware attack and at this stage, we have got no evidence of loss of personal data.

"Fortunately for us and unfortunately for them, our monitoring alert system flashed up that there was some unusual activity on the network and our IT team were able to force a rapid shutdown of all of our systems and networks, which meant that we were able to protect our back-up data and eject the criminals before they destroyed all the evidence of their activity.

"After the incident, we employed a cyber specialist team to help us with the recovery process.

"We also employed a second professional group of cybersecurity specialists who are performing the forensic investigation for us."

Flagship Group owns some 31,000 homes in the East of England and employs 1,200 people in its facilities, repairs, maintenance and heating departments.

%image(14525296, type="article-full", alt="A Flagship development in the making. Picture: Flagship Group")

After the attack, believed to have originated from "a separate continent to the East", the group has issued staff training in the form of fake phishing emails, migrated its servers to a cloud-based system with a "host of additional security measures" and brought in multi-factor identification.

They also offered all staff and customers a free 12-month subscription to a fraud and web monitoring service which 495 members of staff and 1,028 customers have taken up the offer of.

Mr Armstrong said: "A cyber attack is a very worrying time for anybody who is a customer or indeed staff.

"These two projects have been a key part of our recovery plan and will help protect us even more going forward, but no system is going to be 100pc secure."