What’s the significance of the Electoral Commission cyber-attack?

The Electoral Commission has suffered a big cybersecurity attack as the BBC reports:

The Electoral Commission said unspecified “hostile actors” had managed to gain access to copies of the electoral registers, from August 2021.

Hackers also broke into its emails and “control systems” but the attack was not discovered until October last year…

The watchdog said the information it held at the time of the attack included the names and addresses of people in the UK who registered to vote between 2014 and 2022.

This includes those who opted to keep their details off the open register – which is not accessible to the public but can be purchased, for example by credit reference agencies.

This incident is a reminder of the value in the way we do elections, i.e. heavily paper-based and with a dispersed administration of voting and counting. That setup makes it much harder to influence results than with online voting and centralised systems.

Although a story about hacking of election data may make people worried about electoral fraud, I’m not convinced that having illegally got a copy of the full electoral register for the country makes electoral fraud noticeably easier. (What would you actually do that’s effective and requires this data?)

But, for more general identify theft, tracking down people, etc. it’s likely to be of more use for nefarious purposes (and hence my previous interest in NHS data). Which is why it’s always puzzled me why the finance sector doesn’t take more interest in the security and accuracy of the electoral register.

The electoral register isn’t just about elections. It underpins many other activities too – and that is where, I strongly suspect, we should look for any negative consequences of the hack.

5 responses to “What’s the significance of the Electoral Commission cyber-attack?”

  1. I was the first party election agent of what became the first UK Green Party (then the Ecology Party, in the late 1970s and have an M Phil in Green Issues in UK Politics. Too old now to be active but still interested in our democracy!

  2. I think there is a concern that the fact that the EC was hacked and the list accessed could be used to undermine faith in democracy. We may know that it will have no impact but I can see some actors using the hack to question how robust our system is.

Leave a Reply

Your email address will not be published. Required fields are marked *

All comments and data you submit with them will be handled in line with the privacy and moderation policies.