- Nearly 600 armed personnel, civil servants and contractors had logins stolen
Russian hackers have stolen hundreds of Ministry of Defence emails and passwords and posted them on the dark web, according to the i.
Login-ins belonging to nearly 600 UK armed forces personnel, MoD civil servants and defence contractors are believed to have been swiped by cybercriminals since 2020.
The MoD is said to be investigating this major security breach after the data was taken and leaked on the dark web in yet another cyber-attack faced by the UK Government.
It is believed that many of the affected employees are based in the UK, but account details of MoD staff located overseas were also compromised, potentially presenting a significant security risk.
Locations of exposed staff are understood to include Iraq, Qatar, Cyprus and mainland Europe.
While it is understood that the information was stolen using Russian hacking tools, there is no evidence the hack was directed by Kremlin.
The stolen data includes email addresses and other login-information required for the MoD’s Defence Gateway portal, a secure online platform for all British military personnel.
Although the system does not contain classified information, according to the MoD it is integral to staff communication and provides access to human resources and health data.
Hackers have stolen hundreds of Ministry of Defence emails and passwords, according to the i
Logins from nearly 600 armed forces personnel, MoD civil servants and defence contractors have now been leaked on the dark web
It is believed that the majority of the data was stolen from staff using their personal devices to access the Defence Gateway online platform.
According to the i, cyber security experts believe there is a risk hackers could access other sensitive credentials of MoD staff, including private email accounts, online banking, and social media accounts which might pose a potential blackmail risk.
The MoD told the newspaper they were constantly investigating the theft of credentials, alongside the Government’s National Cyber Security Centre (NCSC), searching on the dark web and ‘repatriating’ any which have been stolen.
One intelligence source told the i: ‘This type of activity is often the first stage of a covert recruitment operation by adversaries.
‘Stolen data provides hackers with personal information hostile actors can then use to coerce or blackmail employees.’
Alon Gal, chief technical officer of cybercrime intelligence firm Hudson Rock, said: ‘The theft of such credentials can lead to significant security challenges, including supply chain risks, and the ability of an attacker to laterally move across connected platforms.’
He added: ‘For Ministry of Defence personnel and contractors, this would jeopardise broader operational security and could expose sensitive data.’
A government spokesperson told the i: ‘We take a robust response to cyber threats which threaten our national interests and work round the clock to address vulnerabilities and protect critical services.
‘It is important for individuals and organisations to remain vigilant against the risks posed by information theft.’
A government spokesperson told the i: ‘We take a robust response to cyber threats which threaten our national interests and work round the clock to address vulnerabilities and protect critical services.
‘It is important for individuals and organisations to remain vigilant against the risks posed by information theft.’
This is a breaking story. More to follow…