A massive cybersecurity breach has exposed hundreds of passwords and raised fears about threats to national security, with nine attempts to sell classified UK military documents detected on the dark net. According to a report by NordStellar, a threat exposure management platform, over 700 email addresses and corresponding passwords from nine government domains have appeared on the dark net over the past year. The Ministry of Justice, Department for Work and Pensions, and Ministry of Defense are among the most affected departments, alongside nine separate attempts to sell classified documents linked to UK military and NATO operations. The Home Office, Foreign, Commonwealth and Development Office, Department for Transport, UK Parliament, Department of Health and Social Care, and HM Revenue and Customs have also reportedly had log-in details leaked in the past year.
Experts warn that the leaks could grant hackers access to sensitive systems, including police records, infrastructure networks, and databases containing citizens’ private information, highlighting the urgent need to address cybersecurity gaps. In recent years, the UK has experienced a surge in high-profile cyberattacks, including the hacking of the Legal Aid Agency, HMRC phishing attacks resulting in £47 million in losses, and breaches of private sector giants like M&S and Jaguar Land Rover.
Gareth Mott, a cybersecurity analyst at the Royal United Services Institute, also warned that the leaked data could significantly impact national security, public trust, and even the economy, depending on its nature and how it is exposed. “All it takes is for one account to be active still, and that’s a potential initial attack vector,” Mott was quoted as saying.
The UK has seen a growing number of high-profile cyberattacks in recent years. Earlier this year, the Legal Aid Agency was hacked, exposing years of personal data. In June, HMRC revealed that £47 million ($63 million) was stolen through phishing attacks on taxpayer accounts. Even private sector giants such as M&S, Jaguar Land Rover, and the Co-op have suffered breaches claimed by ransomware groups active on the dark net.
In January, the National Audit Office warned that government departments are lagging behind in cyber security, calling the national threat “severe and advancing quickly.”