Top UK security officials exposed in hack attack

 

Gallery

By Stewart Mitchell

Posted on 9 Jan 2012 at 13:05

Hundreds of sensitive email addresses for UK security officials were among details stolen in a major hacking attack, it has emerged.

The hackers scooped the email addresses and other information during a Christmas attack on security consultancy Stratfor, but the type of UK officials breached has only just come to light.

According to research commissioned by The Guardian, among the 850,000 accounts harvested by hacktivists thought to be associated with Anonymous were details of 221 British military officials and 242 NATO staff.

The breach also exposed data - including user names and encrypted passwords - of civil servants in the Cabinet Office as well as advisers to the Joint Intelligence Organisation.

Any foreign intelligence service targeting Britain could find these emails useful in identifying individuals

According to the paper's findings, based on an inspection of breached data by the US Cyber Consequences Unit, the email addresses were not routinely made public, and the passwords were encrypted in code that could quickly be cracked using cheap software.

The research uncovered that police, Home Office, Foreign Office and royal household staff were also compromised.

"Any foreign intelligence service targeting Britain could find these emails useful in identifying individuals connected to sensitive Government activities," said John Bumgarner of the US Cyber Consequences Unit.

However, Government sources played down the risk, saying the leak did not pose a threat because end user passwords on the Stratfor site would have been different from those used on Government sites.