The UK’s Electoral Commission, which oversees the country’s elections, announced on Tuesday that it had been hacked by “hostile actors” who had access to its system for more than a year.
“Today we announced that we have been the subject of a complex cyber-attack, and our systems were accessed by hostile actors,” tweeted the independent body.
It did not name the attackers, who had access to servers that held its email, control systems and copies of electoral registers containing details of millions of voters.
“We know which systems were accessible to the hostile actors, but are not able to know conclusively what files may or may not have been accessed,” Electoral Commission Chief Executive Shaun McNally said in a statement.
The incident was identified in October 2022 after suspicious activity was detected on its systems.
“It became clear that hostile actors had first accessed the systems in August 2021,” said the commission.
“We regret that it took so long to detect.”
It explained that it had needed to take remedial measures including blocking access to the hackers, assessing the extent of the incident and putting “additional security measures in place,” before making the incident public.
