The U.K. government has formally accused China of orchestrating a significant cyberattack in 2021 that compromised the personal data of millions of U.K. voters.
In a statement delivered to Parliament on Monday, U.K. Deputy Prime Minister Oliver Dowden pointed to hackers affiliated with the Chinese government as responsible for the data breach at the Electoral Commission last year.
This attribution marks the first time the United Kingdom has publicly implicated China since the cyberattack was disclosed in 2023.
The Electoral Commission, tasked with managing the U.K. register of eligible voters, revealed that hackers accessed the names and addresses of approximately 40 million U.K. citizens, including those registered to vote between 2014 and 2022, as well as overseas voters. The breach, which began as early as 2021, went undetected until a year later.
The U.K. National Cyber Security Centre (NCSC) stated on Monday that it is “highly likely” Chinese hackers obtained and extracted emails and data from the electoral register during the breach. The NCSC raised concerns that Chinese intelligence might exploit the data for extensive espionage and suppression activities against perceived dissidents and critics within the U.K.
However, when approached by TechCrunch, an NCSC spokesperson declined to attribute the Electoral Commission’s data breach to a specific China-backed threat actor.
Dowden disclosed that another attempted cyberattack by a China-backed hacking group targeted the email accounts of U.K. lawmakers in 2021. Fortunately, parliamentary authorities thwarted these attempted breaches before any email accounts were compromised.
The NCSC linked these attempted email hacks to a group known as APT31, recognized for targeting the online accounts of foreign government officials. Security experts note that APT31 employs malware capable of infiltrating systems and extracting sensitive information. Previously, the Norwegian government attributed a 2018 data breach on its systems to APT31.
Although the U.K. did not specify the lawmakers targeted, the NCSC mentioned that most of the affected lawmakers have been vocal in denouncing China’s malign activities.
Liu Pengyu, a spokesperson for the Chinese Embassy in the U.K., denied the allegations, emphasizing that China condemns cyberattacks and will employ lawful measures to counter them.
Paul Chichester, NCSC’s Director of Operations, denounced the cyber incidents, describing them as part of a broader pattern of unacceptable behavior by state-affiliated Chinese actors targeting the U.K. and other nations.
Concurrently, the Biden administration accused several Chinese hackers on Monday of participating in APT31’s attempts to infiltrate U.S.-based companies. In 2020, Google security researchers linked APT31 to targeting email accounts associated with the Trump and Biden presidential campaigns.
Last month, leaked documents from Chinese government contractor I-Soon unveiled how the private contractor engages in targeting and hacking other governments at the behest of Chinese authorities.
