UK Electoral Roll Targeted in 'hostile' CyberAttack

Can't you view the electoral register anyway- names and addresses? I thought that was a public document?

I guess the issue is that there is additional information which is not part of the public register.

Also, the electoral register used to be on paper in the council office last time I saw one. Not sure if that is still the case.
 
throwaway4372 said:
This bit winds me up
Click to expand...

The bit that winds me up is:

Mr McNally said he understood public concern, and would like to apologise to those affected.
Click to expand...

Well that's OK then, we've had an apology. I don't want an apology, I want accountability. I want the company, agency or individual tasked with securing the platform to be prosecuted. They were charged with the provision and maintenance of a platform that held PIM (Personally Identifiable Material) and they failed to do so.

For one as tax payers we didn't get value for money, two the Government was short changed by whomever or whatever entity provided the service and three this problem isn't going away.

It's irrelevant how "sophisticated" the attack was, every attack is sophisticated to someone. It's cybersecurity, it's an ever changing landscape of vulnerabilities and vectors - it needs to be managed and continually assessed.
 
potatolord said:
Can't you view the electoral register anyway- names and addresses? I thought that was a public document?

I guess the issue is that there is additional information which is not part of the public register.

Also, the electoral register used to be on paper in the council office last time I saw one. Not sure if that is still the case.
Click to expand...

It seems to be pretty easily available if you want it anyway.

ico.org.uk

Electoral register

Individual electoral registration was introduced in England, Scotland and Wales in 2014. For many people this change in how we register to vote will mean that they are now responsible for their own registration.
ico.org.uk ico.org.uk
Click to expand...

What is the electoral register?​


The law makes it compulsory to provide information to an electoral registration officer for inclusion in the full register. The details you are likely to have to provide are your name, address, national insurance number, nationality and age.

The full register is published once a year and is updated every month. It is used by electoral registration officers and returning officers across the country for purposes related to elections and referendums. Political parties, MPs and public libraries may also have the full register.

It is also used by local authorities for their duties relating to security, law enforcement and crime prevention, for example checking entitlement to council tax discount or housing benefit. It may also be used by the police for law enforcement purposes. The courts use the register to summon people for jury service.

It can be sold to government departments to help in their duties such as the prevention or detection of crime. They can also use it for vetting job applicants and employees if this is required by law. Credit reference agencies are allowed to buy the full version of the register so that lenders can check the names and addresses of people applying for credit and carry out identity checks to help stop money laundering.

It is a crime for anyone who has a copy of the full register to pass information from this register onto others if they do not have a lawful reason to see it.
Click to expand...
 
Tony Edwards said:
It seems to be pretty easily available if you want it anyway.
Click to expand...

That's what I thought.

The leak of an electronic version isn't great- especially if it contains information which is not on the public register.

This is a lot less bad than the leak of all PSNI staff details reported yesterday. There is a real threat to life from that one!

www.bbc.co.uk

PSNI: Major data breach identifies thousands of officers and civilian staff

A top officer apologises for the breach affecting police and employees in Northern Ireland.
www.bbc.co.uk
 
potatolord said:
That's what I thought.

The leak of an electronic version isn't great- especially if it contains information which is not on the public register.

This is a lot less bad than the leak of all PSNI staff details reported yesterday. There is a real threat to life from that one!

www.bbc.co.uk

PSNI: Major data breach identifies thousands of officers and civilian staff

A top officer apologises for the breach affecting police and employees in Northern Ireland.
www.bbc.co.uk
Click to expand...
Yeah I was surprised on thread about the PSNI dataleak. Lots of officers will be getting ready to move house.
 
potatolord said:
Can't you view the electoral register anyway- names and addresses? I thought that was a public document?
Click to expand...

Back when I worked in local government paper copies were held in libraries and could be consulted. But copying from a paper copy is laborious and might just pique the interest of a nosy librarian.
 
Quartz said:
Back when I worked in local government paper copies were held in libraries and could be consulted. But copying from a paper copy is laborious and might just pique the interest of a nosy librarian.
Click to expand...

Yep, I remember the big paper copy. I think the council is legally required to make "a copy" available to the public. I believe there are rules about copying it- I think that is not permitted.

As I said above, if an electronic version has been leaked, that's easier to use.

If there is additional information in that electronic version, it's more disclosive.

Someone is getting a smack off the ICO for this, I imagine...
 
potatolord said:
Can't you view the electoral register anyway- names and addresses? I thought that was a public document?
Click to expand...
As others have said Electoral data can be looked up and, i believe, sites like 192 use it. Because of that, i don't think there will be much comeback for us folks; if it were more sensitive types of PII, like NI numbers, then the proverbial would hit the fan.

A2Z said:
Guess it's a good thing im purposely not on any electoral role. Will only add myself before GE.
Click to expand...
Do you remove yourself?
 
kaiowas said:
Remember the days when BT would regularly just leave a big list of names, addresses and telephone numbers on everyone’s doorstep? It’s a wonder we all survived.
Click to expand...

Didn't have email addresses, national insurance numbers, nationality and age in there though.

Source: here
 
A2Z said:
Guess it's a good thing im purposely not on any electoral role. Will only add myself before GE.
Click to expand...

Username checks out. Also what do you have to hide, assuming you are on a payroll, pay taxes, maybe shop on line, have bank accounts, utility accounts, maybe a motor vehicle etc., etc.

You are on databases a hundred foot thick.
 
There are two registers, an open and closed one.

I think political party officials get the open one only. I've seen the one for a town near me printed out on papers. The amount of boxes filled a moderately sized room.

If anyone knows if I'm wrong that only the open one is public let me/us know.
 
Well, There has been inadequate exposure on how the system was penetrated - but maybe they are still keeping this quiet, but how do other organisations learn.

C4 'expert' intreview last night suggested that although it was penetrated in 21 they had not realised for a year, versus, they knew and were watching what would happen.
 
You must log in or register to reply here.
Back
Top Bottom