Hackers Attack the UK's Electoral Commission Systems
The UK’s Electoral Commission has been hit by a cyberattack.
In October 2022, “suspicious activity was detected on our systems,” the Commission says(Opens in a new window). An investigation determined that "hostile actors” gained access to the systems over a year before, in August 2021, but details were not shared until today.
As to why it took so long for this to be made public, the Commission tells the BBC(Opens in a new window) it had to make sure the hackers' access had been severed. "If you go public on a vulnerability before you have sealed it off, then you are risking more vulnerabilities," says Commission Chair John Pullinger.
The attack gave the hackers access to the Commission’s servers, which stored old copies of the electoral registers, the Commission’s control systems, its email, as well as information about political donations. Hackers were also able to access the names and addresses of anyone in the UK who registered to vote between 2014 and 2022, as well as those registered overseas.
The Commission determined that the register data had not been amended or changed in any way and remains in its original form. Much of the data contained in the register is also already in the public domain.
It also notes that the attack “has not had an impact on the electoral process, has not affected the rights or access to the democratic process of any individual, nor has it affected anyone’s electoral registration status." The personal data accessed “is also unlikely to present a high risk to individuals unless someone has sent us sensitive or personal information in the body of an email," it says.
The Commission says that individuals don’t need to take immediate action. However, those who registered to vote in the UK
Read more on pcmag.com
