Election Commission of Britain

History

2021: Data breach of 40 million British voters

At the end of July 2024, it became known that hackers stole the data of 40 million Britons by hacking the servers Election Commission. Britain The data breach occurred in August 2021, but was only discovered in October 2022. A specialist who missed a hole in online security was reprimanded.

Earlier this year, the Conservative government blamed Chinese hackers for the data breach and summoned Beijing's ambassador to the UK to explain his country's actions. As a result of the hack, Beijing allegedly gained access to the personal data of about 40 million voters stored on the network of the British Election Commission.

The Guardian

Deputy Commissioner Stephen Bonner, who deals with the issue, said the blame for the data breach was borne by the Electoral Commission, which failed to take the necessary action to protect its systems. In particular, the commission was unable to install the latest security updates in a timely manner, and its systems were vulnerable to hackers. Bonner added that despite the leak, "there is no reason to believe that any personal data was used in the malefactors' schemes, and no evidence of direct harm due to the data leak has been identified." A spokesman for the Electoral Commission issued an apology:

We regret that we have not taken sufficient protective measures to prevent a cyber attack on our networks. Following this incident, we have changed our approach to security by upgrading systems and intend to continue investing in data protection.

In 2023, the Electoral Commission said hackers had accessed copies of voter rolls with the names and addresses of anyone registered to vote in the UK between 2014 and 2022. The watchdog has now taken steps to improve its security, including by upgrading its infrastructure and implementing password policy controls and multi-factor authentication for all users.^[1]

Notes