A security breach led to the personal details of 40 million voters in Britain being hacked, resulting in the reprimand of the election watchdog.
The Information Commissioner’s Office found that the Electoral Commission failed to update its servers with the necessary security patches, allowing the breach to occur in August 2021 and go undetected until October 2022.
The Conservative government initially blamed Chinese hackers for the breach, prompting diplomatic actions between Britain and China.
Subsequently, the United States also accused Chinese hackers of targeting various entities, leading to joint sanctions by both countries. New Zealand also expressed concerns about Chinese involvement in a cyberattack on its parliament.
The breach allegedly gave Beijing access to the personal information of the 40 million voters held by the electoral commission.
The ICO deputy commissioner highlighted that basic security measures could have prevented the breach and emphasized the importance of timely security updates.
Despite the breach, there is no evidence of misuse of personal information or direct harm being caused.
The Electoral Commission expressed regret for not taking adequate measures to prevent cyber attacks and has since implemented enhanced security protocols.
Steps to improve security include infrastructure modernization, password policies, and multi-factor authentication for all users.
The allegations against China have been denied, with calls for a stronger stance against Beijing by lawmakers in response to the breach.
Labour has pledged to conduct a review of the UK’s relationship with China and introduced a Cyber Security and Resilience Bill to address national cybersecurity concerns.
Government officials have acknowledged the significant cyber threats faced by the UK and emphasized the need to strengthen national resilience.
Source: www.theguardian.com
