"The hackers first breach was in August 2021, using a security flaw in a popular software programme called Microsoft Exchange. The digital hole was being exploited by suspected Chinese spies around the world and organisations were being warned to download a software patch to protect themselves. Despite months of warnings, the commission failed to do so. Hackers had access to the full open electoral register containing the names and addresses of all 40m UK voters."
"In the first interview about the hack, the commission's new boss admits huge mistakes were made, but says the organisation is now secure. "The whole thing was an enormous shock and basically it's taken us quite a few years to recover from it," says chief executive Vijay Rangarajan. "The culture here has changed significantly now partly as a result of this. It's a very painful way to learn.""
The Electoral Commission suffered a breach beginning in August 2021 through a Microsoft Exchange vulnerability that was being exploited globally. Hackers accessed the full open electoral register with names and addresses of 40 million UK voters and could read all commission emails. The intrusion remained undetected until October 2022 during a password system upgrade. Recovery required three years and at least a quarter of a million pounds. Investigations identified basic security failures including unpatched software, poor password practices and failure of a government security audit. Chief executive Vijay Rangarajan said the breach was an enormous shock, has changed organisational culture, and that the organisation is now secure.
Read at www.bbc.com
Unable to calculate read time
Collection
[
|
...
]