cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Hacker claims over 1m UK government personnel details stolen in cyber attack

The UK government has reportedly suffered a serious cyber attack after a threat actor took to an infamous hacking forum claiming to have what appears to be the data of over a million people.

user icon Daniel Croft
Tue, 07 May 2024
Hacker claims over 1m UK government personnel details stolen in cyber attack
expand image

According to a BreachForums post by a threat actor called “USDoD”, a network misconfiguration issue allowed unauthorised access, leading to data exfiltration.

“The UK gov system had a misconfigured cdn issue that expose a lot of their users,” the threat actor said.

“I was able to extract more than 1M of users and a few more data.”


Within the post, the threat actor posted a “partial database” containing the username and password data of over 80,000 users.

The database contains details for what appears to be a broad range of accounts, from immigration and visa services logins to MOT testing, tax services, apprenticeship details, and COVID-19 testing.

“I plan to release every data on UK gov I will just wait for the right moment,” the threat actor said.

“This is a friendly warning that I’m following every single action around the globe.”

It appears that the threat actor “USDoD” was not a lone cyber criminal but is the admin of the SparrowCorp hacking group.

SparrowCorp first appeared in January this year and was a rebrand of a former group known as BlackSec. The rebrand occurred when the threat actor “USDoD” became the new admin.

Alongside a number of cyber attacks, it appears that SparrowCorp is also investigating an international pedophile network and says it has determined that there are at least 12 countries “directly involved,” including the US, England, Colombia, Dutch West Indies, Cyprus, Uruguay, Hungary, Spain, Bulgaria, Iceland, Anguilla and China.

The UK government data leak comes just as the UK Ministry of Defence (MOD) is expected to announce details of an attack on one of its contractor’s IT systems, which may have led to MOD data being exfiltrated.

While not confirmed, hackers from the Chinese state are believed to be responsible.

UK Defence Secretary Grant Shapps is expected to announce details of the attack to other members of parliament today or tomorrow.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.