The UK Electoral Commission revealed Tuesday (August 8) it has been the victim of a "complex cyber-attack," potentially affecting millions of voters in the process.
In a public notice, the British election watchdog added unspecified "hostile actors" had managed to gain access to copies of the electoral registers from August 2021, which it was holding for research purposes, as well as for conducting checks on political donors.
It further said the information it held at the time of the attack included the names and addresses of people in the UK who registered to vote between 2014 and 2022. This also included those who opted to keep their details off the open register, which could be purchased by clients such as credit reference agencies, as well as the names of overseas voters but not their addresses.
Hackers also broke into the Electoral Commission's emails and "control systems," but only discovered the attack in October last year, the BBC reported.
However, the data of people who qualified to register anonymously for safety or security reasons was not accessed, the watchdog added.
As a result, the commission told the public to watch out for unauthorized use of their data.
Read Also: North Korea Hacks Top Russian Missile Developer Despite Kim Jong Un, Vladimir Putin Alliance
Electoral Commission: Sorry For the Inconvenience
The commission admitted it is difficult to predict exactly how many people were affected by the cyberattack, but they estimated the register for each year contained the details of around 40 million people.
Meanwhile, Information about donations and loans to political parties and registered campaigners is held in a system that is not affected by this incident, the notice added.
Electoral Commission chief executive Shaun McNally said he understood the public concern and would like to apologize to those affected.
For its part, the Information Commissioner's Office, which is responsible for data protection in the UK, said it was urgently investigating.