Connect with us

Hi, what are you looking for?

Tech & Science

UK elector registration data compromised in cyber-incident

It’s also essential for organizations to recognize that their primary defences could be breached.

A data center: Network cables plugged into a server. — © Michael Bocchieri/AFP/Getty Images
A data center: Network cables plugged into a server. — © Michael Bocchieri/AFP/Getty Images

The U.K. Electoral Commission has disclosed a massive data breach exposing the personal information of voters between 2014 and 2022, as well as the names of those registered as overseas voters. The incident went undetected for a year and the public was not told for another 10 months, according to The Guardian.

It’s not yet known who was behind the attack. The Electoral Commission said “we do not know who is responsible for the attack,” as TechCrunch has reported.

Looking into this issue and its impact upon the democratic process is Nikhil Girdhar, Senior Director of Data Security at Securiti.

Girdhar begins by considering the impact upon the U.K. populace and what the incident signals about cybersecurity controls: “The recent revelation of a data breach affecting the UK’s registered voters is deeply concerning, both because of its scale and the significant delay in its disclosure. This incident underscores the pressing need to evaluate organizational preparedness in both preventing and responding to security threats.”

The attack has prompted serious questions about the strength and integrity of the U.K.’s electoral system

In terms of the appropriate response, Girdhar notes that investigators need to work out what has happened and why: “With limited resources, both human and technological, security teams must strategically identify assets that hold sensitive data. The focused approach enables them to efficiently allocate resources to strengthen security controls such as login requirements, access policies, and firewall rules for pivotal data systems.”

This is something that needs to be tackled alongside the many other calls upon the time of security researchers: “Given the myriad of alerts that SOC teams process daily, it’s paramount to prioritize notifications associated with these critical systems, ensuring a rapid and effective incident response.”

In terms of more general advice, Girdhar considers what organisations need to do to prepare of similar attacks in the future: “It’s also essential for organizations to recognize that their primary defences could be breached. Therefore, encrypting sensitive data serves as a pivotal secondary measure, ensuring exposed data remains worthless to attackers.”

It is also important to be prepared, observes Girdhar: “Timely response to breaches is another key facet of security readiness. Even seemingly benign data, when merged with public records, can be weaponized to profile and potentially jeopardize individuals. Automating breach analysis and notification mechanisms can expedite communication to those affected, allowing them to take protective actions more swiftly.”

Girdhar concludes by considering the necessary responses that organisations need to pt together in the form of workable strategies: “Modern strategies, such as data security posture management (DSPM), present a holistic framework for establishing a resilient defences against escalating data threats in our increasingly digital age.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Life

Louis Pappas Fresh Greek is a family-owned restaurant in University Park, Florida, which specializes in the Greek and Mediterranean cuisine.

Entertainment

‘The Deb’ is a musical comedy about a small-town teenager trying to find a date for the debutante ball

Tech & Science

The worst offender was found to be the MyJio app, which asks for 29 permissions.

Life

Russia has imprisoned hundreds for protesting or speaking out against the Ukraine campaign - Copyright AFP/File Alexander NEMENOVWhen Russians started being arrested for opposing...