A senior Conservative MP has reportedly admitted to giving out the personal phone numbers of colleagues to a person he met on a dating app.
William Wragg told the Times that he gave the information after he had sent intimate pictures of himself, saying he was “scared” and “mortified”.
Leicestershire police have launched an investigation in response to reports that explicit images and flirtatious messages were sent to MPs as part of an alleged “spear-phishing” attack.
The police force said it had started an inquiry after receiving a complaint from an MP who received a number of unsolicited messages last month.
Wragg told the paper: “They had compromising things on me. They wouldn’t leave me alone. They would ask for people.
“I gave them some numbers, not all of them. I told him to stop. He’s manipulated me and now I’ve hurt other people.”
The MP for Hazel Grove in Greater Manchester added: “I was worried because he had stuff on me. He gave me a WhatsApp number, which doesn’t work now. I’ve hurt people by being weak. I was scared. I’m mortified.
“I’m so sorry that my weakness has caused other people hurt.”
A “spear-phishing” cyber-attack targets specific groups and involves scammers pretending to be trusted senders in order to steal personal or sensitive information.
Earlier this week, Politico reported that 12 people working in Westminster, including a serving government minister, had been contacted by an unknown number detailing prior meetings with politicians in efforts to acquire personal or sensitive information in the past six months.
The Guardian spoke to a 13th person who was targeted in the exact same way by a WhatsApp user calling themselves “Abigail” or “Abi”.
Politico reported that the 12 targets it had confirmed so far included three MPs, two political journalists, a broadcaster, four party staff, a former Tory MP and an all-party parliamentary group manager. The targets include members of the Conservative and Labour parties.
The unsolicited messages would include details of the MP’s career and campaigns they had worked on. A former government special adviser received the first message on 23 January 2023, suggesting the phishing operation has been under way for at least 14 months.
He received a message from an unknown number in the evening that said: “Long time no speak [eyes emoji], how’re you?”
Senior political figures, including Alicia Kearns, the chair of the foreign affairs committee, and Iain Duncan Smith, the former Conservative leader, have suggested that a foreign state should be considered a potential culprit for what is being described as a “honeytrap” type attack.
A Leicestershire police spokesperson said: “Leicestershire police is investigating a report of malicious communications after a number of unsolicited messages were sent to a Leicestershire MP last month.
“They were reported to police on Tuesday 19 March. Inquiries are ongoing.”
Until police got involved, the lead had been taken by parliamentary authorities, who said they were encouraging anyone with concerns to contact the parliamentary security department, and that security advice had been sent to MPs and staff.
A parliamentary spokesperson said: “Parliament takes security extremely seriously and works closely with government in response to such incidents.
“We provide members and staff with tailored advice, making them aware of security risks and how to manage their digital safety.
“We are encouraging anyone affected who has concerns to contact the parliamentary security department.”
Sources said parliamentary authorities were working with the government to “analyse and understand the nature of the messages” but that it would be premature to speculate on their origin.