The UK’s data privacy watchdog has found that the personal details of millions of UK voters were left exposed to hackers due to poor security practices at the Electoral Commission. The breach occurred because passwords were not changed regularly and software updates were not applied.
The cyber-attack began in August 2021 when hackers gained access to the Electoral Registers, containing details of millions of voters, including those not publicly available. The Information Commissioner’s Office (ICO) has formally reprimanded the Electoral Commission for this security lapse. The Electoral Commission expressed regret over the insufficient protections and stated that they have since improved their security systems and processes.
No Evidence of Data Misuse
Although the investigation did not find any evidence of personal data misuse or direct harm caused by the attack, the ICO revealed that hackers had access to the Electoral Commission’s systems for over a year. The breach was discovered only after an employee reported spam emails being sent from the commission’s email server, and the hackers were eventually removed in 2022.
Accusations and Denials
The UK government has accused China of being behind the attack on the Electoral Commission. However, the Chinese embassy has dismissed these claims as “malicious slander.”
Basic Security Failures
The ICO’s investigation surfaced that the E
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.