Russian cybercriminals have stolen hundreds of Ministry of Defence (MoD) emails and passwords and posted them on the dark web.
The MoD has launched an investigation after it emerged that logins belonging to 595 military personnel, MoD civil servants and defence contractors have been taken since 2020.
Many of those affected are based in the UK, but account details of staff located overseas were also compromised, according to the i.
Locations of other exposed staff are believed to include Iraq, Qatar, Cyprus and mainland Europe.
It is believed the information was taken using Russian hacking tools, although there is no evidence the Kremlin directed the hack.
The data includes email addresses and other information need to access the MoD’s Defence Gateway portal.
The secure online platform for all British military personnel does not contain classified information.
Instead, it is integral to staff communication and provides access to human resources and health data, according to the MoD.
One intelligence source told the i: ‘This type of activity is often the first stage of a covert recruitment operation by adversaries.
‘Stolen data provides hackers with personal information hostile actors can then use to coerce or blackmail employees.’
Alon Gal, chief technical officer of cybercrime intelligence firm Hudson Rock, said: ‘The theft of such credentials can lead to significant security challenges, including supply chain risks, and the ability of an attacker to laterally move across connected platforms.’
He added: ‘For Ministry of Defence personnel and contractors, this would jeopardise broader operational security and could expose sensitive data.’
The portal gives users access to a selection of Defence web applications and can only be accessed using multi-factor authentication.
It is believed that the majority of the data was stolen using staff members’ personal devices to access the online platform.
According to the i, cyber security experts believe there is a risk hackers could access other sensitive credentials of MoD staff, including private email accounts, online banking, and social media accounts, which might pose a potential blackmail risk.
The MoD told the newspaper they were investigating the theft, alongside the National Cyber Security Centre (NCSC).
Together, they are working to identify and remediate the loss of credentials as quickly as possible.
There are also a range of measures in place to educate personnel on the risks and need to keep their personal devices updated as well as the importance of broader personal security.
Technical measures are also in place to identify potentially at risk accounts and prevent malicious actors from exploiting them.
A government spokesperson said: ‘We take a robust response to cyber threats which threaten our national interests and work round the clock to address vulnerabilities and protect critical services.
‘It is important for individuals and organisations to remain vigilant against the risks posed by information theft.’
Get in touch with our news team by emailing us at webnews@metro.co.uk.
For more stories like this, check our news page.
MORE: Brave elderly woman scolds shielded police while water canons are unleashed on protesters
MORE: The ex-Man City player set to become president – and other stars who turned to politics
MORE: Ex-Russian supermodel and Putin critic reveals she’s on Kremlin’s hitlist
