UK Electoral Commission: Voters' details stolen in cyber attack

The UK Electoral Commission reported that suspicious activity was detected on the systems in October 2022, but it was revealed that the attackers first gained access to the systems in August 2021. "As part of the attack, the actors were able to access reference copies of electoral records held by the Commission for research purposes and to provide permissibility checks on political donations. The records held at the time of the cyber-attack contain the names and addresses of everyone registered to vote in the UK between 2014 and 2022, as well as the names of those registered as overseas voters. The records did not include details of those registered anonymously. The Commission's email system was also accessed during the attack," it said.

"WILL NOT AFFECT THE ELECTORAL PROCESS"

Shaun McNally, Chief Executive of the Electoral Commission, said: "The electoral process in the UK is still based on paper ballot papers and counting, which means it would be very difficult to use cyber attacks to influence the process. This means that it would be very difficult to use a cyber attack to influence the process."

"WE REGRET THAT WE DID NOT PROVIDE ADEQUATE PROTECTION"

McNally apologised for not providing adequate protection against the attack and said, "We regret that we did not provide adequate protection to prevent this cyber attack. Since the attack was detected, we have taken significant steps with the support of experts to improve the security, resilience and reliability of our IT systems."