Attacks Cloud Data Executive Decisions IoT Malware Mobile Network Security Strategy Threat Defense
Attacks Cloud Data Executive Decisions IoT Malware Mobile Network Security Strategy Threat Defense

UK Electoral Commission suffers years-long cyber attack

Hackers had access to electoral data from August 2021 to October 2022

Add bookmark
Olivia Powell
Olivia Powell
08/09/2023
A sign that reads 'polling station' outside a sandstone building

UK election watchdog, The Electoral Commission (TEC), has been the victim of a “complex” cyber attack which has potentially exposed the data of more than 40 million voters.

News of the cyber attack was published in an FAQ on the commission’s website on August 8. In the post, TEC explained that the cyber attack was discovered in October 2022 after suspicious activity was detected on its systems. 

During the cyber attack, malicious actors were able to access TEC’s file sharing and email systems, meaning the data that was “most likely accessible” includes names, addresses, email addresses, and any other personal data sent to The Electoral Commission via email or held on the electoral registers for all those registered to vote in the UK between 2014 to 2022, as well as the names of those registered to vote overseas. This amounts to as many as 40 million voters.

TEC said it was unable to ascertain if the data accessible during the cyber attack had been copied or otherwise stolen from its systems. 

The watchdog explained that it worked with the National Cyber Security Center (NCSC) as well as external cyber security experts in order to secure its systems following the cyber security incident.

Regarding the attack, The Electoral Commission said that it "regret[s] that sufficient protections were not in place to prevent this cyber attack and apologize to those affected".

While TEC said that the data accessed by the malicious actors was "limited" and "already in the public domain". The commission noted that, according to the Information Commissioner Office’s data breach risk assessment, the data held by the electoral register “does not in itself present a high risk to individuals”. TEC did also say, however, that the data accessed “could be combined with other data in the public domain, such as that which individuals choose to share themselves, to infer patterns of behavior or to identify and profile individuals”. 

TEC explained that they were unaware of who committed the cyber attack, and no individuals or groups have yet claimed responsibility for the attack. 

Tags: cyber security cyber attack cyber security news

Upcoming Events

Digital Identity Week

June 12 - 13, 2024
Melbourne, Victoria

Register Now | View Agenda | View Event
Digital Identity Week

Anti-Financial Crime Exchange Europe 2024

September 19-20
Frankfurt, Germany

Register Now | View Agenda | View Event
Anti-Financial Crime Exchange Europe 2024

Automotive Cyber Security Europe 2024

11 to 14 November 2024
Germany, City Announced Soon

Register Now | View Agenda | View Event
Automotive Cyber Security Europe 2024
MORE EVENTS

Follow Us

         

Latest Webinars

Building high-performing development teams: Harnessing tools, processes & AI

2024-05-02
11:00 AM - 12:00 PM EDT

Discover how to enhance your development team’s efficiency through advanced tools, Agile methodologi...
Building high-performing development teams: Harnessing tools, processes & AI

Building cyber resilience

2024-04-24
11:30 AM - 12:30 PM SGT

Why it’s essential that technology seamlessly connects IT, security, risk and the business
Building cyber resilience

Strategies to enhance secure customer onboarding

2024-03-27
11:30 AM - 12:30 PM SGT

Focus on achieving speedy and secure customer onboarding and combat user lifecycle fraud with phone...
Strategies to enhance secure customer onboarding
MORE WEBINARS

RECOMMENDED

FIND CONTENT BY TYPE

Cyber Security Hub COMMUNITY

ADVERTISE WITH US

Advertise Now

JOIN THE Cyber Security Hub COMMUNITY

Join CSHUB today and interact with a vibrant network of professionals, keeping up to date with the industry by accessing our wealth of articles, videos, live conferences and more.

Learn more
iqpc logo

Cyber Security Hub, a division of IQPC

© 2024 All rights reserved. Use of this site constitutes acceptance of our User Agreement, Privacy Policy and Cookies Settings.

Careers With IQPC| Contact Us | About Us | Cookie Policy