According to multiple sources, dozens of email accounts belonging to members of the UK Parliament got compromised during a recent cyber attack.
It would seem that hackers attacked Parliament’s email server on Saturday. In order to respond, the digital security team decided to shut down access to the email accounts completely, and they still did not raise this quarantine. Despite the fact that the attack has been contained, this restriction will stay for a while now.
According to the preliminary investigations, it is possible that multiple communications were compromised during the attack. This is especially concerning when we include the fact that a lot of them were between constituents and the elected officials of the Parliament. For now, the investigation continues.
Some sources claimed that also that less than 1% of the total email accounts were compromised. This is one of the statements that were also confirmed by the Parliament’s spokesperson. Apparently, that means that 1% or less of the 9,000 accounts were actually breached.
However, those 9,000 accounts do not all belong to senior ministers and other MPs. Instead, many belong to civil servants and Parliament’s staff. All that is known for now is that dozens of accounts have been compromised. However, it is yet unknown who do they belong to, who is responsible for the attack itself, or even how much information was obtained.
Security teams claim that sensitive details from the emails belonging to ministers were not compromised. They also said that ministers can carry on with their duties by using their departmental emails. These email accounts should be safe from the hackers since they are on the gov.uk domain. On the other hand, the hacked emails are hosted on the parliament.uk domain, which is still considered to be compromised.
When it comes to how did the accounts got hacked, the official statement issued by the parliamentary spokesperson is that the weak passwords are to blame. Apparently, the account holders did not follow the proper guidance when it comes to the password strength.
They later added that they discovered the identities of the breached account holders and that they are being contacted. Even more, investigations are expected in attempts to determine whether or not did any data get stolen.
One of the statements claimed that the attacks were made by hackers who tried to attack all at once in an attempt to find the weak accounts. Apparently, they did not have predetermined targets, but instead, they simply probed the servers and Parliament’s digital defenses.
Right now, the priority is to conclude this investigation, update the security of the network, and continue business as usual.