Cyberattacker Accessed Data for 40 Million UK Voters
Northern Ireland police service exposed data on all cops, Intel fixes side-channel execution flaw, Phishing-as-a-service platform taken down in int'l op, Ukraine blocked Sandworm spy effort, much more
Metacurity is a reader-supported publication, and I need your help. Consider becoming a paid subscriber to receive new posts and support my work.
The UK Electoral Commission reported that a hostile cyberattacker accessed the data of 40 million voters, which went undetected for a year, and it did not tell the public about the breach for another ten months.
The Electoral Commission apologized for the security breach in which the names and addresses of all voters registered between 2014 and 2022 were open to “hostile actors” as far back as August 2021.
The attack was discovered last October and reported within 72 hours to the Information Commissioner’s Office (ICO) and the National Crime Agency. However, the public has only now been informed that the electoral registers containing millions of voters' data may have been accessible throughout that time.
The attackers were able to access full copies of the electoral registers held by the commission for research …