Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Armed forces personnel bank data compromised in Ministry of Defence hack

Initial investigations have not shown any data was taken, but affected personnel will be alerted and provided with support.

Sophie Wingate
Monday 06 May 2024 23:08 BST
The Ministry of Defence has been the target of a data breach (Kirsty O’Connor/PA)
The Ministry of Defence has been the target of a data breach (Kirsty O’Connor/PA) (PA Archive)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

The Ministry of Defence has been the target of a large-scale data breach, it is understood.

Sky News reported that China was behind the cyber attack.

A third-party payroll system has been hacked, potentially compromising the bank details of all serving armed forces personnel and some veterans. A very small number of addresses may also have been accessed.

So many serious questions for the Defence Secretary on this, especially from Forces personnel whose details were targeted

Shadow defence secretary John Healey

The department took immediate action when it discovered the breach, taking the external network – operated by a contractor – offline.

It is understood that initial investigations have found no evidence that data has been removed.

But affected service personnel will be alerted as a precaution and provided with specialist advice. They will be able to use a personal data protection service to check whether their information is being used or an attempt is being made to use it.

All salaries were paid at the last payday, with no issues expected at the next one at the end of this month, although there may be a slight delay in the payment of expenses in a small number of cases.

The Government will inform MPs of the breach when Parliament returns on Tuesday, with Defence Secretary Grant Shapps expected to make a Commons statement in the afternoon.

Ministers will blame hostile and malign actors, but will not name the country behind the hacking.

The MoD has been working at speed to uncover the scale of the attack since it was discovered several days ago.

The revelation comes after the UK and the United States in March accused China of a global campaign of “malicious” cyber attacks in an unprecedented joint operation to reveal Beijing’s espionage.

Britain blamed Beijing for targeting the Electoral Commission watchdog in 2021 and for being behind a campaign of online “reconnaissance” aimed at the email accounts of MPs and peers.

Labour’s shadow defence secretary John Healey said: “So many serious questions for the Defence Secretary on this, especially from Forces personnel whose details were targeted.

“Any such hostile action is utterly unacceptable. Parliament will expect a full Commons statement tomorrow.”

In response to the Beijing-linked hacks on the Electoral Commission and 43 individuals, a front company, Wuhan Xiaoruizhi Science and Technology Company, and two people linked to the APT31 hacking group were sanctioned.

But some of the MPs targeted by the Chinese state said the response did not go far enough, urging the Government to toughen its stance on China by labelling it a “threat” to national security rather than an “epoch-defining challenge”.

Conservative former leader Sir Iain Duncan Smith repeated those calls, telling Sky News: “This is yet another example of why the UK government must admit that China poses a systemic threat to the UK and change the integrated review to reflect that.

“No more pretence, it is a malign actor, supporting Russia with money and military equipment, working with Iran and North Korea in a new axis of totalitarian states.”

The Metropolitan Police said it is not involved in any investigation at this stage.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in