2017 Westminster data breach - Wikipedia Jump to content

2017 Westminster data breach

From Wikipedia, the free encyclopedia

The 2017 Westminster data breach occurred on 23 June 2017, when an unauthorised attempt was made to gain access to email accounts belonging to a number of politicians at the United Kingdom's Houses of Parliament.[1] Whitehall officials have claimed that Iran was behind the attack. [2]

The incident was followed by an attempt to hack accounts belonging to politicians at the Scottish Parliament in August 2017.

Events

[edit]

Parliamentarians were told about the cyberattack on the evening of 23 June, and it was made public knowledge the following day by Chris Rennard, a Liberal Democrat member of the House of Lords who posted a request on social media asking people needing to contact him urgently to do so via text message. Remote access to politicians email accounts was disabled.

However, a spokesperson for the House of Commons said that this was a precautionary measure to protect security rather than a consequence of the cyberattack itself. The matter is being investigated by the National Cyber Security Centre with assistance from the National Crime Agency.[3]

Westminster authorities described the attack as "sustained and determined", and follows media reports that the email passwords of government ministers had been obtained by hackers and were being sold online.[4]

On 25 June, a Westminster spokesperson confirmed the cyberattack had been an attempt to hack email accounts with weak passwords, but that an investigation had found less than 1% of the 9,000 email addresses associated with parliament had been compromised—a figure representing around 90 email accounts. However, it was still being treated as a serious security breach: "The figure is less than many feared, but is still a breach."[5] MPs subsequently said that agencies with links to either Russia or North Korea were suspected of being behind the attack.[6]

Holyrood cyberattack

[edit]

On 15 August, officials at Holyrood, home of the Scottish Parliament warned that accounts belonging to Members of the Scottish Parliament (MSPs) were currently the subject of a Brute-force attack which was attempting to crack weak passwords, but that no accounts had been compromised. However, MSPs were warned they may find themselves temporarily locked out of their accounts for security reasons. News outlets, such as The Guardian reported the attack was similar in nature to the one that had occurred at Westminster.[6] The following day officials said that Holyrood was working with the UK's National Cyber Security Centre to increase security measures.[7]

References

[edit]
  1. ^ "Cyber-attack on parliament leaves MPs unable to access emails". The Guardian. 24 June 2017. Archived from the original on 24 June 2017. Retrieved 24 June 2017.
  2. ^ "Iran blamed for Parliament cyber-attack". BBC News. BBC. 14 October 2017. Retrieved 20 December 2020.
  3. ^ "Parliament hit by cyber-attack". BBC News. BBC. 24 June 2017. Archived from the original on 24 June 2017. Retrieved 24 June 2017.
  4. ^ Riley-Smith, Ben (24 June 2017). "Parliament hit by 'sustained and determined' cyber attack leaving MPs unable to access their emails remotely". The Telegraph. Telegraph Media Group. Archived from the original on 24 June 2017. Retrieved 24 June 2017.
  5. ^ Syal, Rajeev (25 June 2017). "Parliament cyber-attack hits fewer than 90 email accounts". The Guardian. Archived from the original on 30 June 2017. Retrieved 1 July 2017.
  6. ^ a b Carrell, Severin (15 August 2017). "Scottish parliament hit by cyber-attack similar to Westminster assault". The Guardian. Archived from the original on 27 August 2017. Retrieved 28 August 2017.
  7. ^ "Ongoing Holyrood cyber attack fails to breach security". BBC News. BBC. 16 August 2017. Archived from the original on 30 August 2017. Retrieved 28 August 2017.