Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Evening Standard
Evening Standard
World
Michael Howie

Probe launched into cyber-attack on UK’s election registers

Britain’s data watchdog has annnounced it is “urgently” probing a huge cyber security breach at the organisation tasked with protecting elections in the UK.

Details of tens of millions of voters could have been accessed by hackers who targeted the Electoral Commission.

The elections watchdog said there was little risk of “hostile actors” being able to influence the outcome of a vote, but apologised for the breach in its systems.

The hack, which was publicly confirmed on Tuesday, allowed the attackers to access reference copies of electoral registers containing the names and addresses of people registered to vote between 2014 and 2022.

The Information Commissioner’s Office said it was investigating the hack “as a matter of urgency”.

In a statement posted on social media, it said: “The Electoral Commission told us about this incident and we are currently making enquiries. We recognise this news may cause alarm to those who are worried they may be affected.

“We want to reassure people that we are investigating as a matter of urgency.”

The attack was identified in October 2022, but the hackers had first been able to access the commission’s systems in August 2021.

Shaun McNally, the Electoral Commission’s chief executive, said: “The UK’s democratic process is significantly dispersed and key aspects of it remain based on paper documentation and counting.

“This means it would be very hard to use a cyber-attack to influence the process.

“Nevertheless, the successful attack on the Electoral Commission highlights that organisations involved in elections remain a target, and need to remain vigilant to the risks to processes around our elections.”

He said significant measures had been taken to improve security on the commission’s IT systems.

“We know which systems were accessible to the hostile actors, but are not able to know conclusively what files may or may not have been accessed,” he said.

“While the data contained in the electoral registers is limited, and much of it is already in the public domain, we understand the concern that may have been caused by the registers potentially being accessed and apologise to those affected.”

The hackers were able to access reference copies of the electoral registers, held by the commission for research purposes and to enable permissibility checks on political donations.

The registers held at the time of the cyber-attack include the name and address of anyone in the UK who was registered to vote between 2014 and 2022, as well as the names of those registered as overseas voters.

But they did not include the details of those registered anonymously.

The register for each year holds the details of around 40 million individuals, which were accessible to the hostile actors, although this includes people on the open registers, whose information is already in the public domain.

The National Cyber Security Centre said it had provided the commission with expert advice and support.

A spokesman said: “Defending the UK’s democratic processes is a priority for the NCSC and we provide a range of guidance to help strengthen the cyber resilience of our electoral systems.”

The Information Commissioner’s Office said it was looking into the incident.

“We recognise this news may cause alarm to those who are worried they may be affected and we want to reassure the public that we are investigating as a matter of urgency,” a spokesman said.

“In the meantime, if anyone is concerned about how their data has been handled, they should get in touch with the ICO or check our website for advice and support.”

Labour’s deputy leader Angela Rayner said: “This deeply concerning attack serves as a reminder of the critical importance of Britain’s resilience to cyber-attacks.

“Our democracy is a foundation of our society and every effort must be made to protect it.

“This serious incident must be fully and thoroughly investigated so lessons can be learned.”

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.