The U.K. Electoral Commission has announced that it suffered a data breach that exposed the personal information of 40 million voters. The breach occurred in August 2021 and was not detected until October 2022.
The exposed data includes voters’ names, addresses, and the date they attained the voting age that year. The Commission adds that the information was “limited, and much of it is already in the public domain.” They also say that threat actors did not modify the register, and they could not access information about political donations and loans by political parties.
According to the Commission, the voter data breach does not pose a high risk to individuals, but it is still important to be vigilant for unauthorized use or release of personal information.
The Electoral Commission declined to answer questions, citing an ongoing investigation by the U.K. data protection authority, the Information Commissioner’s Office. The Commission insists that it has taken steps to secure its systems against future attacks and improve personal data protection.
The sources for this piece include an article in CPOMAGAZINE.