'Sex life data' stolen from UK government among record number of ransomware attacks

Data on the sex lives of up to 10,000 people was stolen from a British government department in one of the record number of ransomware attacks to have hit Westminster in the first half of this year.

It is not known which department the information was stolen from, nor why the government was holding this data, which is defined by the Information Commissioner's Office as "any data on a person's sex life which does not specifically relate to orientation or health," potentially including the use of dating apps and period trackers.

According to the most recent tranche of security incident trends data released by the ICO, there have been 10 ransomware attacks on central government in the first six months of this year - doubling the total number of successful attacks on Whitehall departments since records began in 2019.

As reported by Recorded Future News, data previously released by the ICO showed ransomware attacks hitting record levels in 2022, with criminals compromising data on at least 5.3 million people from over 700 organizations.

The government did not respond to Recorded Future News about why it had been holding sex life data. A spokesperson for the Home Office said: "Ransomware is the most significant cyber national security threat facing the UK today. Defending the UK from ransomware attacks and reducing its impact on victims is a top priority for this government."

The data supports the comments of Britain's security minister, Tom Tugendhat, who in September warned: "The UK is a top target for cybercriminals. Their attempts to shut down hospitals, schools and businesses have played havoc with people's lives and cost the taxpayer millions. Sadly, we've seen an increase in attacks."

Even within just the first six months of this year, ransomware attacks have already broken the record within several critical sectors in the United Kingdom.

Efforts to tackle the business model driving the financially motivated cyberattacks on government systems have involved dozens of countries recently signing a pledge as part of the Counter Ransomware Initiative to never pay an extortion fee in the event of an attack targeting "relevant institutions under the authority of our national government."

The data for the first half of this year that reveals a record number of incidents affecting the public sector does not cover the period in which the pledge was active. However, even then it would not prevent payments by private sector organizations, who the ICO's data shows make up the bulk of the criminal ecosystem's victims.

Almost every sector included in the ICO's data looks set to suffer a record number of ransomware attacks in 2023. The 87 attacks on the education and childcare sector resulted in 14 incidents in which data on up to 156,000 children was stolen - including one incident affecting between 1,000 and 10,000 children in which sexual orientation data was compromised by the hackers. Since 2019, there have been 19 incidents in which children's sexual orientation data was stolen from organizations in the sector.

Speaking to Recorded Future News previously, Jamie MacColl, a research fellow at the Royal United Services Institute - whose work includes a research project on ransomware harms and the victim experience - said: "We've collected very little evidence that stolen or leaked personal data is being exploited by ransomware threat actors or other cybercriminals in a systematic way.

"However, that's not to say there aren't incidents where very sensitive information on individuals has been published or sent to them to increase pressure. During our research, we also heard of cases where ransomware threat actors had targeted schools and then sent stolen safeguarding data to parents to get them to increase pressure on the schools to pay."

Ransomware attacks continued to increase to 34% in 2022, and as of the first half of this year now make up almost two in every five incidents.

The data from the ICO is collected under Britain's data protection laws, which require companies to report breaches of personal data to the regulator under the threat of being fined up to 4% of the organization's global turnover if they fail to make a report. No company has ever received such a fine, and the dataset necessarily only covers ransomware incidents that involve a breach of personal data, meaning an attack involving server-level encryption might not require reporting.

Despite the limitations of the ICO data, experts including RUSI's MacColl have told Recorded Future News that it is "likely the most comprehensive public dataset about the frequency of ransomware attacks in the UK."

This Cyber News was published on therecord.media. Publication date: Thu, 30 Nov 2023 23:19:27 +0000

