The Electoral Commission has made it public that the threat actors may have successfully obtained registers that contained the data of millions of UK voters.
The public office revealed on Tuesday it was the subject of a cyberattack that allowed hackers to access electoral registers.
Subsequently, it apologized for the breach and assured the public of lower risk to its data and minimal impact on influencing a vote.
Hackers Obtained Sensitive Data Undetected
The hack allowed the threat actors to access reference copies of electoral registers which comprised the names and addresses of all registered voters between the year 2014 to 2022.
Furthermore, the reference copies stolen by hackers contained details of registered voters overseas and enabled access checks on political donations.
The hack was first revealed in 2022, but the threat actors initially had access to the commission’s systems in August 2021 without any revelation of the hack. This implies the hack was a success that went without discovery for a whole year.
Notably, more than 43 million people were registered in the electoral commission’s registers back in 2021 in Wales and England.
The commission declared that the hacked data was publically accessible anyway as they were on open registers, it was nothing private.
The Unaccess Danger To UK Voters
According to a report, more than 27 million people never wanted their data shared publicly and face the impending danger of threat actors’ future exploits.
The report revealed that 40 million individuals each year register on the commission’s registers. Although, this includes data on open registers, the obtained information leave rooms for potential future victims.
Notably, the commission revealed that the obtained data does not include anonymous voters. Moreover, it assured the public of continuous investigation and constant system reinforcement.
In the meantime, if anyone is concerned about the safety of their data, they should contact the ICo or check the website for advice and support, it says.