SafetyDetectives
$ United States dollar
$ United States dollar Euro£ British poundAED UAE dirhamARS Argentine pesoAU$ Australian dollarBGN Bulgarian levR$ Brazilian realCA$ Canadian dollarCHF Swiss francCLP Chilean pesoCN¥ Chinese yuanCOP Colombian pesoCZK Czech korunaDKK Danish kroneEGP Egyptian poundHK$ Hong Kong dollarHUF Hungarian forintIDR Indonesian rupiah Israeli new shekelINR Indian rupee¥ Japanese yen South Korean wonMX$ Mexican pesoMYR Malaysian ringgitNOK Norwegian kroneNZ$ New Zealand dollarPLN Polish złotyRON Romanian leuRUB Russian rubleSAR Saudi riyalSEK Swedish kronaSGD Singapore dollar฿ Thai bahtTRY Turkish liraNT$ New Taiwan dollarUAH Ukrainian hryvnia Vietnamese DongZAR South African rand

40 Million UK Voters Have Their Data Exposed

Tyler Cross
Tyler Cross Senior Writer
Published on: August 1, 2024
Tyler Cross Tyler Cross
Published on: August 1, 2024 Senior Writer

Hackers gained access to the UK Electoral Register, compromising 40 million UK voters’ personal records.

The Information Commissioner’s Office (ICO) issued a formal reprimand, pointing fingers at the Electoral Commission for having extremely slack security measures that allowed hackers easy access to sensitive databases. The result has put voters at risk of having their data exposed online.

The attack wasn’t the result of sophisticated malware or investigation using the latest cybersecurity tools. Instead, it was due to the company’s security systems not being updated to the proper security patch. The attack was caused by sheer negligence.

Because of this, hackers were able to gain administrative access by impersonating a user account using a known vulnerability that had already been fixed in one of the recent patch notes for the company’s security software. From 2021 to 2022 they had access to the Electoral Register and could view users’ full names, addresses, and voting history.

“If the Electoral Commission had taken basic steps to protect its systems, such as effective security patching and password management, it is highly likely that this data breach would not have happened,” explains a deputy commissioner with the ICO. “By not installing the latest security updates promptly, its systems were left exposed and vulnerable to hackers.”

The ICO reassures affected voters that there is no evidence that the stolen data is being used to harm them. They do not currently believe that the hackers have any reason to misuse the data. It’s also possible that the data wasn’t scraped.

The company has also taken steps to maintain better security standards, including using better cybersecurity software and taking more care to promote internal security standards.

“As the ICO has noted and welcomed, since the attack we have made changes to our approach, systems, and processes to strengthen the security and resilience of our systems and will continue to invest in this area,” the Electoral Commission explains in a recent statement.

About the Author
Tyler Cross
Tyler Cross
Senior Writer
Published on: August 1, 2024

About the Author

Tyler is a writer at SafetyDetectives with a passion for researching all things tech and cybersecurity. Prior to joining the SafetyDetectives team, he worked with cybersecurity products hands-on for more than five years, including password managers, antiviruses, and VPNs and learned everything about their use cases and function. When he isn't working as a "SafetyDetective", he enjoys studying history, researching investment opportunities, writing novels, and playing Dungeons and Dragons with friends.

Leave a Comment