ICO Reprimands UK Electoral Commission Over 2021 Cyberattack Exposing 40 Million Voters

Jul 30, 2024, 01:15 PM

The Information Commissioner’s Office (ICO) has reprimanded the UK Electoral Commission after a cyberattack exposed the personal information of approximately 40 million voters. The breach, which occurred in 2021, has been linked to Chinese hackers. The ICO criticized the Electoral Commission for failing to take basic steps to protect voter data, highlighting significant lapses in online security and cyber security failings. The attack exploited vulnerabilities in the Exchange server, including issues related to ProxyShell and passwords.