MoD contractor hacked by China failed to report breach for months

MoD contractor hacked by China failed to report breach for months

Briefly

The IT company targeted in a Chinese hack that accessed the data of hundreds of thousands of Ministry of Defence staff failed to report the breach for months, the Guardian can reveal.

www.theguardian.comhttps://www.theguardian.com/technology/article/2024/may/10/mod-contractor-hacked-china-failed-report-breach-months

Shared Services Connected Ltd (SSCL) had been breached by a malign actor and state involvement could not be ruled out. Payroll records of 270,000 military personnel were compromised, with China not openly named as the culprit.

www.theguardian.comhttps://www.theguardian.com/technology/article/2024/may/10/mod-contractor-hacked-china-failed-report-breach-months

SSCL became aware of the breach in February but delayed reporting. The breach was discovered following an official inquiry into slow response times.

www.theguardian.comhttps://www.theguardian.com/technology/article/2024/may/10/mod-contractor-hacked-china-failed-report-breach-months

SSCL awarded a cybersecurity contract weeks after being hacked, raising concerns. Unknown government contracts related to cybersecurity with SSCL and Sopra Steria were kept secret.

www.theguardian.comhttps://www.theguardian.com/technology/article/2024/may/10/mod-contractor-hacked-china-failed-report-breach-months