The incident was identified in October 2022, but attackers first accessed the commission’s systems in August 2021.
The commission’s chief executive, Shaun McNally, said: “The UK’s democratic process is significantly dispersed and key aspects of it remain based on paper documentation and counting.
“This means it would be very hard to use a cyber-attack to influence the process. Nevertheless, the successful attack on the Electoral Commission highlights that organisations involved in elections remain a target, and need to remain vigilant to the risks to processes around our elections.”
This is the best summary I could come up with:
The UK’s elections watchdog has been targeted by a cyber-attack that enabled “hostile actors” to access electoral registers.
The commission’s chief executive, Shaun McNally, said: “The UK’s democratic process is significantly dispersed and key aspects of it remain based on paper documentation and counting.
The attackers were able to access reference copies of the electoral registers, held by the commission for research purposes and to enable permissibility checks on political donations.
A spokesperson for the Information Commissioner’s Office, which is the UK’s independent regulator on data protection said: “The Electoral Commission has contacted us regarding this incident and we are currently making inquiries.
“We recognise this news may cause alarm to those who are worried they may be affected and we want to reassure the public that we are investigating as a matter of urgency.
In the meantime, if anyone is concerned about how their data has been handled, they should get in touch with the ICO or check our website for advice and support.”
I’m a bot and I’m open source!