Russia suspected as 'hostile actors' behind mass voter electoral register attack
The Russian state could be behind a mass hack in which tens of millions of voters could have had their personal information stolen.
Electoral registers - which contain details such as people's home addresses and phone numbers - were accessed for over a year by "hostile actors" who hacked the Electoral Commission's servers.
The Electoral Commission said it was “not able to know conclusively” what information was stolen but most of it is already publicly available and insisted the threat to British elections is low because of their paper format.
UK security service GCHQ was called in to mitigate the "complex cyberattack" and its former boss believes Russia should be the lead suspect.
Sir David Omand, a former director of GCHQ between 1996 and 1997, said Russian President Vladimir Putin's regime would be "first on my list of suspects" because of its track record on attempting to interfere with elections.
“Russians - and I point to them in particular - have been interfering with democratic elections for some years now, think of the 2016 US election, and then the French election, and then the German election, even our own 2019 election" he told the BBC.
“They have been trying to interfere with the democratic process.
"The Electoral Commission is there to protect that process, and therefore it is not at all surprising that hostile agencies would try and hack into the Electoral Commission - find out what they are up to, find out if there is any way of using their information to tilt the table during an election, which there isn’t.
"But it’s the kind of exploration I would expect to happen.”
Home Office Minister Robert Jenrick told ITV News said he "can't speculate" as to who might be behind the attack but said the Defending Democracy Taskforce was there to "protect our electoral system against hostile states".
Home Office Minister Robert Jenrick responds to the voter hack
Russia has been accused of attempting to influence various elections around the world, including the UK Brexit referendum and the 2019 general election where Boris Johnson faced Jeremy Corbyn.
But Electoral Commission chief executive Shaun McNally said even with the information of what could be around 40 million voters, hackers would find it “very hard” to influence an election.
He said: “The UK’s democratic process is significantly dispersed and key aspects of it remain based on paper documentation and counting.
“This means it would be very hard to use a cyber attack to influence the process.
"Nevertheless, the successful attack on the Electoral Commission highlights that organisations involved in elections remain a target, and need to remain vigilant to the risks to processes around our elections.”
The Information Commissioner’s Office, the UK's independent body set up to uphold information rights, said it was "investigating as a matter of urgency" but did not allude to what evidence had been gathered.
“In the meantime, if anyone is concerned about how their data has been handled, they should get in touch with the ICO or check our website for advice and support.”
What information could hackers have stolen?
Name, first name and surname
Email addresses (personal and/or business)
Home address
Contact telephone number (personal and/or business)
Contents emails that may contain personal data
Any personal images sent to the Commission
Who could have had their information stolen?
Anyone registered to vote between 2014 and 2022
Anyone registered as an overseas voter
Those who registered to vote anonymously were not affected.
A National Cyber Security Centre spokesman said: “We provided the Electoral Commission with expert advice and support to aid their recovery after a cyber incident was first identified.
“Defending the UK’s democratic processes is a priority for the NCSC and we provide a range of guidance to help strengthen the cyber resilience of our electoral systems.”
Want a quick and expert briefing on the biggest news stories? Listen to our latest podcasts to find out What You Need To Know...