A cyber attack on Westminster compromised almost 100 email accounts, parliamentary officials have confirmed.
An unprecedented attack by hackers seeking to break into MPs’ inboxes utilising a “brute force” assault which lasted for more than 12 hours on Friday prompted fears that senior politicians could become the targets of blackmail.
But the “determined and sustained” offensive is now believed to have only compromised up to 90 email accounts with less than one per cent of Parliament’s 9,000 users directly impacted.
An investigation is now underway to determine whether any data has been lost.
Unknown hackers repeatedly probed “weak” passwords of politicians and aides, forcing parliamentary officials to lock MPs out of their own email accounts as they scrambled to minimise the damage from the incident.
Credit: Niklas Halle’n/AFP
The network affected is used by every MP including Theresa May, the Prime Minister, and her cabinet ministers for dealing with constituents.
Experts warned that politicians could be exposed to blackmail or face a heightened threat of terrorist attack if emails were accessed.
MPs also apologised to constituents and expressed concerns that sensitive and private information shared with them may have leaked.
Officials said on Sunday that both Houses of Parliament will sit on Monday as planned after staff worked to ensure the business of Parliament could continue in the wake of the hacking.
A parliamentary spokesman said: “Parliament’s first priority has been to protect the parliamentary network and systems from the sustained and determined cyber attack to ensure that the business of the Houses can continue.
“This has been achieved and both Houses will meet as planned tomorrow.
“Investigations are ongoing, but it has become clear that significantly fewer than one per cent of the 9,000 accounts on the parliamentary network have been compromised as a result of the use of weak passwords that did not conform to guidance issued by the Parliamentary Digital Service.
“As they are identified, the individuals whose accounts have been compromised have been contacted and investigations to determine whether any data has been lost are under way.
“Parliament is now putting in place plans to resume its wider IT services.”
Fears were raised by cyber specialists that “state actors” such as Russia, China or North Korea could be behind the attack – though Government sources said on Saturday it was too early to draw such a conclusion.