The Electoral Commission Details
The Electoral Commission
London • 143 employees • Governments
United Kingdom
Industry
Governments
Security Incidents
1
In the United Kingdom, the Electoral Commission is the national election commission, created in 2001 as a result of the Political Parties, Elections and Referendums Act 2000. It is an independent agency that regulates party and election finance and sets standards for how elections should be run.
Security Incidents
The Electoral Commission Breach of Oct 2022
Despite the extensive nature of the compromised data, the stolen information mainly consisted of data already available in public records. The incident did not disrupt the elec...
Show more
Additionally, the perpetrators could access email contents, including any personal data shared within those messages, which may have included sensitive information such as medical conditions or financial details. Although the breach did not affect the integrity of ...
Show more
Severity Score
Significant to High
Type
Malware AttackSummary
The Electoral Commission experienced a significant cyber-attack that was identified in October 2022, although it was later determined that the attackers first accessed the systems in August 2021. The attackers were able to access the Commission's servers, including email systems and reference copies of the electoral registers. The compromised data included names, addresses, and voting records of individuals registered to vote in Great Britain between 2014 and 2022, as well as overseas voters during the same period, and Northern Ireland voters registered in 2018.Severity
The cyber-attack on the Electoral Commission revealed that hostile actors had accessed the Commission’s systems over a period of more than a year, starting from August 2021. The attackers gained entry to servers holding sensitive information, including email systems and copies of the electoral registers, which contained names, addresses, and other personal details for registered voters across various years and regions.Despite the extensive nature of the compromised data, the stolen information mainly consisted of data already available in public records. The incident did not disrupt the elec...
Show more
Impact
Hostile actors accessed critical systems, including email servers and electoral registers, gaining access to a vast amount of personal data. This data exposed included names, addresses, and email information of individuals registered to vote in Great Britain between 2014 and 2022, and specific entries for Northern Ireland in 2018.Additionally, the perpetrators could access email contents, including any personal data shared within those messages, which may have included sensitive information such as medical conditions or financial details. Although the breach did not affect the integrity of ...
Show more
KEEP YOUR ENVIRONMENT SECURE
Weak credentials are the leading cause of breaches. Beyond Identity can help.
See MFA exploits in action
Watch how adversaries exploit companies in quick videos