Majority of UK MPs have had their data leaked to the dark web
More than two-thirds of British politicians have had their data leaked to the dark web, according to the latest data. 68% of British politicians currently sitting in the House of Commons have had some form of personal data exposed on the dark web, including information such as plain text passwords and email addresses.
The new data comes from a joint investigation conducted by digital risk firm Constella Intelligence and privacy service Proton. Out of 650 MPs, 443 have had their personal data exposed on the dark web, primarily collected from third-party services that MPs have signed up to using their parliamentary email addresses.
Comparatively, only 44% of EU MEPs have had their data leaked. French deputies and senators had the best security measures in place, with only 18% of their searched emails appearing in hacker exchanges.
Richie Koch, editor for Proton, emphasized that the exposure of these emails on the dark web does not necessarily indicate a security breach within the British, European, or French parliaments. Instead, it highlights the risky practice of politicians using their official email addresses to register on third-party websites, leaving their personal information vulnerable to cyber threats.
The hacked personal data of MPs includes 216 plain text passwords associated with their accounts, with some MPs having up to 10 passwords exposed. Additionally, parliamentary email addresses were the most commonly exposed data, appearing 2,110 times. This poses a significant risk as cybercriminals can use these credentials for ‘credential stuffing’ attacks to gain unauthorized access to various online accounts.
Furthermore, social media profiles of MPs were also affected, with 16 breaches on Instagram, 117 on LinkedIn, 21 on X, and 21 on Facebook. The exposure of personal information on social media platforms raises concerns about privacy and security risks for the affected politicians.
This incident is not the first data breach experienced by the UK government, as previous accusations have been made against China for hacking the British Ministry of Defence. The increasing frequency of such cyber threats highlights the importance of robust cybersecurity measures to protect sensitive information and prevent unauthorized access to personal data.
In conclusion, the data leak of UK MPs’ information to the dark web underscores the critical need for enhanced cybersecurity practices and awareness among politicians and government officials. Safeguarding personal data and implementing stringent security measures are essential to mitigate the risks posed by cyber threats and prevent unauthorized access to sensitive information.