Get all your news in one place.

100’s of premium titles.
One app.

Get all your news in one place.

100’s of premium titles. One news app.

TechRadar

Benedict Collins

ICO reprimands UK Electoral Commission over cyberattack that left voter data exposed

EC ICO the Electoral Commission

Hand of a person casting a vote into the ballot box during elections.

The Information Commissioner's Office (ICO) has reprimanded the UK Electoral Commission (EC) after hackers breached servers containing the personal information of 40 million people.

The attack occurred in August 2021, with the hackers breaching the servers through user impersonation and exploiting known vulnerabilities that had not been patched.

The attackers had access to the systems, which contained names and home addresses, until October 2022, with the hackers accessing the data on multiple occasions during this time.

Lack of appropriate security measures

The ICO’s reprimand stems from a lack of appropriate security measures that should have been in place to protect the personal information of millions of registered voters. Specifically, the vulnerabilities exploited by the attackers were patched in April and May of 2021, but were not applied by the EC..

Moreover, many EC accounts were still using default or weak passwords, likely contributing to the attackers ability to impersonate a user account and gain access to the servers. Following the breach, the EC enacted remedial security improvements and implemented an infrastructure improvement plan, alongside best practices for passwords and multi-factor authentication for all users.

Stephen Bonner, Deputy Commissioner at the ICO, commented on the reprimand stating, “The Electoral Commission handles the personal information of millions of people, all of whom expect their data to be in safe hands.

“If the Electoral Commission had taken basic steps to protect its systems, such as effective security patching and password management, it is highly likely that this data breach would not have happened. By not installing the latest security updates promptly, its systems were left exposed and vulnerable to hackers.”

“This action should serve as a reminder to all organisations that you must take proactive and preventative measures to ensure your systems are secure. Do you know if your organisation has installed the latest security updates? If not, then you jeopardise people's personal information and risk enforcement action, including fines,” Bonner concluded.

More from TechRadar Pro

Here is our guide to the best endpoint protection
Google admits it accidentally broke its own password manager
These are the best internet security suites

Sign up to read this article

Read news from 100’s of titles, curated specifically for you.

Already a member? Sign in here

Top stories on inkl right now

Harris Or Trump? First Polls Close As US Nervously Awaits Result

Harris Or Trump? First Polls Close As US Nervously Awaits Result

The first polls closed Tuesday in the volatile White House race between Kamala Harris and Donald Trump as a divided nation anxiously awaited the result of one of the tightest elections in US history.

International Business Times

Arizona Voters to Decide if Local Police Can Arrest Migrants, Though New Law's Future is Uncertain

Arizona Voters to Decide if Local Police Can Arrest Migrants, Though New Law's Future is Uncertain

Texas, Iowa, and Oklahoma have tried to pass state-level immigration laws, but efforts have been consistently blocked by federal courts.

Election exit polls show economy, immigration and democracy among top issues for voters

Election exit polls show economy, immigration and democracy among top issues for voters

Majority of voters reported feeling negatively about direction of the country, exit polling data shows

The Independent UK

NASCAR suspends nine people, issues $300,000 in fines for race manipulation

NASCAR suspends nine people, issues $300,000 in fines for race manipulation

NASCAR has penalized the No. 23 23XI Racing Toyota of Bubba Wallace, the No. 3 Richard Childress Racing Chevrolet of Austin Dillon, and the No. 1 Trackhouse Racing Chevrolet of Ross Chastain, due to what the Series has deemed potential race manipulation after the review of Sunday's radio communications of those…

One subscription that gives you access to news from hundreds of sites

Already a member? Sign in here

At least two dead and five missing in tragic boating accidents off California coast

At least two dead and five missing in tragic boating accidents off California coast

Extreme wind conditions are expected to continue along much of the California coast this week

The Independent UK

Fake bomb threats linked to Russia reported at US polling sites, says FBI

Fake bomb threats linked to Russia reported at US polling sites, says FBI

At least two polling sites in Georgia were briefly evacuated

Evening Standard

Related Stories

Top stories on inkl right now

Harris Or Trump? First Polls Close As US Nervously Awaits Result

Harris Or Trump? First Polls Close As US Nervously Awaits Result

The first polls closed Tuesday in the volatile White House race between Kamala Harris and Donald Trump as a divided nation anxiously awaited the result of one of the tightest elections in US history.

International Business Times

Arizona Voters to Decide if Local Police Can Arrest Migrants, Though New Law's Future is Uncertain

Arizona Voters to Decide if Local Police Can Arrest Migrants, Though New Law's Future is Uncertain

Texas, Iowa, and Oklahoma have tried to pass state-level immigration laws, but efforts have been consistently blocked by federal courts.

Election exit polls show economy, immigration and democracy among top issues for voters

Election exit polls show economy, immigration and democracy among top issues for voters

Majority of voters reported feeling negatively about direction of the country, exit polling data shows

The Independent UK

NASCAR suspends nine people, issues $300,000 in fines for race manipulation

NASCAR suspends nine people, issues $300,000 in fines for race manipulation

NASCAR has penalized the No. 23 23XI Racing Toyota of Bubba Wallace, the No. 3 Richard Childress Racing Chevrolet of Austin Dillon, and the No. 1 Trackhouse Racing Chevrolet of Ross Chastain, due to what the Series has deemed potential race manipulation after the review of Sunday's radio communications of those…

One subscription that gives you access to news from hundreds of sites

Already a member? Sign in here

At least two dead and five missing in tragic boating accidents off California coast

At least two dead and five missing in tragic boating accidents off California coast

Extreme wind conditions are expected to continue along much of the California coast this week

The Independent UK

Fake bomb threats linked to Russia reported at US polling sites, says FBI

Fake bomb threats linked to Russia reported at US polling sites, says FBI

At least two polling sites in Georgia were briefly evacuated

Evening Standard

Our Picks

Influencer banned from New York City Marathon after camera crew followed him on e-bikes

Matt Choi receives lifetime ban from NYC Marathon after runners complained his camera crew had obstructed the course

The Independent UK

Barry Keoghan Dismisses Prosthetic Rumors About Viral ‘Saltburn’ Dance Scene: “It Was All Me”

"It was all me." Actor Barry Keoghan categorically denied the usage of prosthetic equipment to “enhance” his intimate parts in a naked scene on the movie Saltburn. The post Barry Keoghan Dismisses Prosthetic Rumors About Viral ‘Saltburn’ Dance Scene: “It Was All Me” first appeared on Bored Panda.

Selena Gomez had the perfect response to cruel body shamers

She's happy with her body, thank you very much

“Disgusting”: Brad Pitt Fan Accused Of ‘Harassing’ Actor After Kissing Him And Grabbing His Neck

"How disgusting that someone you don't know kisses you without your permission." The post “Disgusting”: Brad Pitt Fan Accused Of ‘Harassing’ Actor After Kissing Him And Grabbing His Neck first appeared on Bored Panda.

Squid Game season 2: when is it coming out and who's in the cast?

Details of a long-awaited sequel to the smash-hit Netflix show have emerged

Evening Standard

Family Feud reveals the most common fact Americans know about Prince Harry – and it’s not flattering

The top answer for things ‘people know about Prince Harry’ was his marriage to Meghan Markle

The Independent UK

Fourteen days free

Download the app

One app. One membership.
100+ trusted global sources.

Download on the AppStore

Get it on Google Play