UK gov conceals leak of the electoral register 2014-2021 for 10 months. Ps. The recommend you watch out for unauthorised activity

[Gav881]

 

 

Summary

something like 40million people effected by a breach, most of the information appears to be purchasable by people like credit ref agency's. The breach was discovered in October but no date given for closure of the incident. 

 

Quotes

Quote

Defending the delay, commission chair John Pullinger said: "If you go public on a vulnerability before you have sealed it off, then you are risking more vulnerabilities." 

 

My thoughts

The suggestion that 10months is a reasonable amount of time suggests a lack of resource or incompetence imho. 

 

Sources

 Cyber-attack on UK's electoral registers revealed https://www.bbc.co.uk/news/uk-politics-66441010

[PCGamer2727]

24 minutes ago, Gav881 said:

suggests a lack of resource or incompetence imho. 

Are you implying that a government entity could lack competence?

 

I find that hard to believe.....

[porina]

In the UK there are two versions of the register, the public version, and the full version. The difference between them is you can opt out of appearing on the public list. For older people, it is similar to requesting to not be listed in the phone book (white pages). If that is all the data they got, I view it as relatively insignificant in data value. Still a serious breach, but little to no individual impact.

 

The article mentions that credit agencies may purchase the full list, otherwise they couldn't verify who lives where for those who have opted out of the public list.

[Monkey Dust]

15 hours ago, Gav881 said:

My thoughts

The suggestion that 10months is a reasonable amount of time suggests a lack of resource or incompetence imho.

I'd suggest a lack of resource and incompetence. That generally how things work, or rather do not work, in the UK these days.

[AlTech]

15 hours ago, porina said:

In the UK there are two versions of the register, the public version, and the full version. The difference between them is you can opt out of appearing on the public list. For older people, it is similar to requesting to not be listed in the phone book (white pages). If that is all the data they got, I view it as relatively insignificant in data value. Still a serious breach, but little to no individual impact.

 

The article mentions that credit agencies may purchase the full list, otherwise they couldn't verify who lives where for those who have opted out of the public list.

Well it's still a breach since nobody is supposed to be able to get the full list.

 

People on the full list are there for a reason, they don't want to be on the public list. Downplaying grievances with wholesale data selling and data brokering is not helpful to this discussion.

 

It may not be the most significant breach ever but this hack is egregious and far from harmless. The hackers should face serious repercusions for their actions if they can ever be identified.

 

I'm not sure why OP used the word leak since it was a cyber attack/hack and clearly not a leak.

[demonix00]

On 8/9/2023 at 11:20 AM, Monkey Dust said:

I'd suggest a lack of resource and incompetence. That generally how things work, or rather do not work, in the UK these days.

I'm certain this happened when bozo the clown was in charge along with his circus government and they were the class leaders in incompetence.

[suicidalfranco]

Ah yes, 5he let's make everything digital and have the government be omnipresent in every aspect of an individuals life. What could possibly go wrong