The UK government has blamed China for a 2021 cyber attack that compromised the personal details of millions of British voters.
In a statement to lawmakers in parliament on Monday, UK Deputy Prime Minister Oliver Dowden attributed the 2021 Electoral Commission data breach to hackers working for the Chinese government.
Dowden told lawmakers that the UK government “will not hesitate to take swift and strong action wherever the Chinese government threatens UK interests”.
It is the first time the UK has attributed the breach since the cyber attack was first revealed in 2023.
The Electoral Commission, which keeps copies of Britain’s register of eligible citizens, said at the time hackers took the names and addresses of around 40 million UK citizens, including those registered to vote between 2014 and 2022 and voters abroad. The data breach began as early as 2021, but was not discovered until a year later.
In a statement on Monday, the UK’s National Cyber Security Center (NCSC) said it was “highly likely” that Chinese hackers accessed and leaked emails and data from the electoral roll during the hack.
The NCSC said Chinese intelligence could use the data for “large-scale espionage and transnational repression of dissidents and critics in the UK”.
When reached by TechCrunch, an NCSC spokesperson declined to attribute the Election Commission data breach to any specific China-backed threat actor.
Dowden said a separate cyberattack attempt by a Chinese-backed hacking group targeted the email accounts of British lawmakers in 2021, but that parliamentary authorities mitigated the hacking attempts before email accounts were breached.
The NCSC attributed these email hacking attempts to a Chinese hacker group called APT31, which is known for targeting the online accounts of foreign government officials. Security researchers say APT31 uses malware capable of creating backdoors in systems and infiltrating sensitive information. The Norwegian government in the past yielded a data breach in 2018 on its systems to APT31.
The UK did not say which lawmakers’ email accounts were targeted, but the NCSC said most of the lawmakers affected were “prominent in denouncing China’s malign activity.”
Liu Pengyu, a spokesman for the Chinese embassy in the UK, denied the claims and said China “does not encourage, support or condone attacks launched by hackers”, but added that China “will resort to legal methods” to counter of cyber attacks.
“The malicious activities we have uncovered today are indicative of a wider pattern of unacceptable behavior we are seeing from Chinese state-linked actors against the UK and around the world,” said Paul Chichester, director of operations at the NCSC. “The targeting of our democratic system is unacceptable, and the NCSC will continue to call out cybercriminals who pose a threat to the institutions and values that underpin our society.”
The Biden administration, also on Monday, charged several Chinese hackers involvement in APT31’s efforts to target US-based companies. In 2020, Google security researchers linked APT31 to targeting email accounts belonging to the Trump and Biden presidential campaigns.
Last month, a set of leaked documents from Chinese government contractor I-Soon revealed how the private contractor targets and hacks other governments at the request of Chinese authorities.
