Parliament hit by cyber attack
26 June 2017
A CYBER attack on Parliament has resulted in up to 90 email accounts being compromised and there are reports of ministers’ login details being put up for sale on the dark web.
The hack resulted in officials disabling remote access to emails for MPs, peers and staff as a precaution. The attack has been contained and an investigation is currently underway, which has already identified that correspondence between constituents and elected officials may have been illegally accessed.
A parliamentary spokesperson said: “We have discovered unauthorised attempts to access accounts of parliamentary networks users and are investigating this ongoing incident, working closely with the National Cyber Security Centre.
“Parliament has robust measures in place to protect all of our accounts and systems, and we are taking the necessary steps to protect and secure our network. As a precaution, we have temporarily restricted remote access to the network.
“As a result, some Members of Parliament and staff cannot access their email accounts outside of Westminster. IT services on the Parliamentary Estate are working normally. We will continue to keep Members of both Houses of Parliament and the public updated as the situation develops.”
A spokesperson for the National Cyber Security Centre (NCSC) added: “The NCSC is aware of an incident and is working around the clock with the UK Parliamentary digital security team to understand what has happened and advise on the necessary mitigating actions.”
Ministers’ emails are held on a different server than the parliamentary accounts but International Trade Secretary Liam Fox revealed that the government is aware of reports that ministers’ login details may have been separately compromised. He told the BBC: "We have seen reports in the last few days of even cabinet ministers' passwords being for sale online.
"We know that our public services are attacked so it is not at all surprising that there should be an attempt to hack into parliamentary emails. And it's a warning to everybody, whether they are in Parliament or elsewhere, that they need to do everything possible to maintain their own cyber-security.”