The UK Ministry of Defence (MoD) faces a major data breach.
In a concerning development, the UK's Ministry of Defence (MoD) has been targeted by a large-scale data breach, according to Sky News reports. Sensitive information belonging to service personnel and veterans is believed to be compromised, potentially including names and bank details.
Sky News, citing investigative sources, reports that China is suspected to be behind the cyberattack. The targeted system, separate from the MoD's main computer network, has been shut down for investigation and review.
The MoD has yet to confirm the source of the attack or the extent of the breach. However, this incident raises serious concerns about the security of personnel data and the potential consequences for those affected.
The Chinese state is to be accused of two or three attempts at hacking MoD employees, including personnel. The cyberattack was on a payroll system with current service personnel and some veterans. It is largely names and bank details that have been exposed. All salaries will be paid this month.
Tobias Ellwood, a Conservative MP and former soldier, told Sky News that China "was probably looking at the financially vulnerable with a view that they may be coerced in exchange for cash."
According to the BBC, Defence Secretary Grant Shapps is due to update MPs about the hack in the Commons on Tuesday. He is expected to set out a "multi-point plan" in response, which will include action to protect affected servicemen and women.
The government's recent defence strategy update warned of a significant increase in cyberattacks by both state and non-state actors, including the use of spyware, ransomware, and offensive hacking tools.
China in Crosshairs Again: Just a few months ago, in March 2024, the UK government publicly accused China of a cyberattack in August 2021 that compromised voter data held by the Electoral Commission.
Russia's interference attempts: Further raising concerns, the National Cyber Security Centre (NCSC) identified Russian intelligence as the culprit behind a cyberattack in December 2023 aimed at disrupting UK political processes.