Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Daily Record
Daily Record
Politics
Andrew Quinn

SNP MP Stewart McDonald has emails hacked by Russian group

An SNP MP has claimed his emails have been hacked by a Russian spy service.

Stewart McDonald told the BBC his emails were stolen and he feared they would be made public after he fell victim to a phishing scam.

The MP for Glasgow South said that the incident had occurred in early January when a hacking group believed to be linked to Russia’s intelligence services emailed him pretending to be a member of his staff.

After clicking on the document which was sent from the staff member’s actual email address, the MP entered his login details into a login page.

Several days later the same staff member informed McDonald he had been locked out of his personal email account because of suspicious activity – and that he had never sent him the email with the login page.

McDonald said he decided to go public to warn others of the risks and limit the potential damage as he waited to see what the hackers would do with the stolen material.

He said that he had spoken to the parliamentary security team and the National Cyber Security Centre (NCSC).

He tweeted: "Over the past couple of weeks I have been dealing with a sophisticated and targeted spear phishing hack of my personal email account, and the personal email account belonging to one of my staff. These hacks are a criminal offence.

"Although attempts to hack my parliamentary account are continuous - as is the case for all MPs - these have not been successful. I want to assure constituents that their information is secure. My private account is not used for constituency or parliamentary business.

"Having spoken with officials from parliament's security team and also NCSC, I am confident that my inboxes are now secure. The private email account that was criminally hacked is now no longer actively used by me.

"It became clear that the tactics used in this hack mirrored a recent NCSC advisory notice on spear phishing emails that target academia, defence, government organisations, NGOs, think-tanks, as well as politicians, journalists and activists.

"As was the case here, these attempts are highly sophisticated and deeply convincing. Having spoken with others who this has also happened to - most of whom have a heightened sense of cyber security and good practice - it's easy to see how anyone can fall victim.

"I have to assume that some of the stolen information may appear online. I also don't doubt that, in amongst some genuine emails, there will be emails that are entirely false, mixed in amongst emails that are genuine. It's an old tactic.

"Equally, they may not appear online. It may be the case that the hackers simply wanted to collect information on who I am talking to and what is being said. Some of the victims I know have experience of their emails being published, in other cases there has been nothing.

To sign up to the Daily Record Politics newsletter, click here.

READ NEXT:

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.