Share this article on:
The UK government has reportedly suffered a serious cyber attack after a threat actor took to an infamous hacking forum claiming to have what appears to be the data of over a million people.
According to a BreachForums post by a threat actor called “USDoD”, a network misconfiguration issue allowed unauthorised access, leading to data exfiltration.
“The UK gov system had a misconfigured cdn issue that expose a lot of their users,” the threat actor said.
“I was able to extract more than 1M of users and a few more data.”
Within the post, the threat actor posted a “partial database” containing the username and password data of over 80,000 users.
The database contains details for what appears to be a broad range of accounts, from immigration and visa services logins to MOT testing, tax services, apprenticeship details, and COVID-19 testing.
“I plan to release every data on UK gov I will just wait for the right moment,” the threat actor said.
“This is a friendly warning that I’m following every single action around the globe.”
It appears that the threat actor “USDoD” was not a lone cyber criminal but is the admin of the SparrowCorp hacking group.
SparrowCorp first appeared in January this year and was a rebrand of a former group known as BlackSec. The rebrand occurred when the threat actor “USDoD” became the new admin.
Announcement.
— USDoD-TA🏴☠️🌐👁️🗨️ (@EquationCorp) January 20, 2024
Good evening community, today is a day of a new beginning, a new journey, my first act as administrator will be a total rebrand of the group, name and logo.
There will be several changes in the group, in operations and in the MO, with that said I am looking for a… pic.twitter.com/aAtLk3OQd8
Alongside a number of cyber attacks, it appears that SparrowCorp is also investigating an international pedophile network and says it has determined that there are at least 12 countries “directly involved,” including the US, England, Colombia, Dutch West Indies, Cyprus, Uruguay, Hungary, Spain, Bulgaria, Iceland, Anguilla and China.
The UK government data leak comes just as the UK Ministry of Defence (MOD) is expected to announce details of an attack on one of its contractor’s IT systems, which may have led to MOD data being exfiltrated.
While not confirmed, hackers from the Chinese state are believed to be responsible.
UK Defence Secretary Grant Shapps is expected to announce details of the attack to other members of parliament today or tomorrow.