News

The Electoral Commission has acknowledged that the data of millions of voters was accessible to hackers in a cyber-attack that took place almost a year ago. The security breach, discovered in October 2021, allowed “hostile actors” to access the names and addresses of voters. The incident was reported to the Information Commissioner’s Office and the National Crime Agency.

The public has only now been informed about the potential exposure of electoral registers containing voter data to unknown hackers. The Electoral Commission stated that it is difficult to determine exactly what information was accessed, but emphasized that the largely paper-based nature of elections makes it challenging for hackers to influence the outcome of a vote. However, it acknowledged that voters might still be concerned about the breach.

Shaun McNally, the CEO of the Electoral Commission, pointed out that the UK’s democratic process is decentralized and relies on paper documentation and counting. While this makes it difficult for cyber-attacks to have a direct impact, the attack on the commission highlights the ongoing threat to organizations involved in elections.

The commission explained that it took time to make the incident public because it needed to remove the hackers, assess the extent of the breach, coordinate with the National Cyber Security Centre and ICO, and implement additional security measures. The attack utilized a sophisticated method that evaded the commission’s checks, leading to a delayed detection.

The hackers were able to access reference copies of the electoral registers, which are used for research purposes and political donation checks. These registers contain the names and addresses of UK voters between 2014 and 2022, as well as the names of overseas voters. The commission’s email system was also accessible during the attack.

The commission expressed regret over the lack of sufficient protections to prevent the cyber-attack and stated that it has taken significant steps, with the assistance of specialists, to enhance the security and reliability of its IT systems. While the data in the electoral registers is limited and much of it is already public, the commission understands and apologizes for the concern caused by the potential access to these registers.

The Information Commissioner’s Office is currently investigating the incident and urges individuals who are concerned about their data to get in touch with them or consult their website for guidance and support.

The post Data of Millions of Voters Exposed in Cyber-Attack, Electoral Commission Admits appeared first on satProviders.