MoD personal data targeted in third-party data breach

08/05/2024 | BBC News

A significant data breach involving the UK Ministry of Defence (MoD) emerged on Monday, with the personal information of an unknown number of current and former UK military personnel having been accessed, according to BBC News. The cyberattack targeted an MoD payroll system managed by an external contractor. The impacted data includes names, bank details, and, in a few cases, personal addresses of current and former members of the Royal Navy, Army and Royal Air Force dating back several years. The MoD acted swiftly to take the affected system offline while investigations are underway. 

It is unknown who is behind the cyberattack, although The Guardian reports Conservative MP Mel Stride said on Tuesday morning that a "state actor" is likely responsible. The warning comes ahead of a statement from Defence Secretary Grant Shapps, who is expected to address MPs regarding the matter in the Commons on Tuesday. 

In an update on Tuesday, BBC News revealed Grant Shapps informed MPs that the UK government had reason to believe that the recent hack of the Ministry of Defence (MoD) was the work of a "malign actor." Sources suggest that the government suspects China was responsible for the breach. China strongly denies the allegations. Shapps criticised the contractor-operated system, allegedly Shared Services Connected Ltd (SSCL), stating that there was "evidence of failings" and apologised to the affected servicemen and women. According to The Register, up to 272,000 people may have been affected by the incident.

In a statement responding to the breach, the Information Commissioner's Office (ICO) said, "The Ministry of Defence has made us aware of this incident, and we are assessing the information provided."

Read Full Story
Ministry of Defence

What is this page?

You are reading a summary article on the Privacy Newsfeed, a free resource for DPOs and other professionals with privacy or data protection responsibilities helping them stay informed of industry news all in one place. The information here is a brief snippet relating to a single piece of original content or several articles about a common topic or thread. The main contributor is listed in the top left-hand corner, just beneath the article title.

The Privacy Newsfeed monitors over 300 global publications, of which more than 4,350 summary articles have been posted to the online archive dating back to the beginning of 2020. A weekly roundup is available by email every Friday.

Freevacy has been shortlisted in the Best Educator category.
The PICCASO Privacy Awards recognise the people making an outstanding contribution to this dynamic and fast-growing sector.