UK military in major data breach, and other cybersecurity news to know this month

Published · Updated
The UK's Ministry of Defence, the site of a data breach - close-up of signage.

Also in this cyber news round-up: LockBit gang leader unmasked and FBI closer to charging Scattered Spider gang. Image: Reuters/Suzanne Plunkett

Akshay Joshi
Head of Industry and Partnerships, Centre for Cybersecurity, World Economic Forum Geneva
This article is part of: Centre for Cybersecurity
  • Top cybersecurity news: Hackers target UK's Ministry of Defence; LockBit cybercrime gang leader 'LockBitSupp' unmasked; FBI closer to charging Scattered Spider gang.
  • This regular round-up brings you key cybersecurity stories from the past month.

1. Hackers target UK Ministry of Defence

The UK's Ministry of Defence has suffered a major data breach, with personal information of UK military personnel hacked from a third-party payroll system.

Names, bank details, and a small number of addresses were accessed, The Guardian reported. The Ministry took immediate action, taking the external contractor network offline and alerting affected personnel.

The British Prime Minister, Rishi Sunak said: "There are indications that a malign actor has compromised the armed forces' payment network."

Media outlets in the UK, including the BBC, reported that China was behind the hack. However, neither Sunak nor the Ministry of Defence had commented on this, according to a Reuters report.

UK Defence Minister Grant Shapps told parliament that ministers didn't believe data had been stolen, adding that he could not rule out a foreign state being involved in the breach.

Chinese Foreign Ministry spokesperson Lin Jian said Beijing opposed all forms of cyberattack, and rejected any attempt to use cybersecurity issues to smear other countries.

2. LockBit cybercrime gang leader unmasked and sanctioned

A senior Russian leader of notorious ransomware group LockBit has now been identified and sanctioned by Operation Cronos, the international task force of law-enforcement agencies.

Dmitry Khoroshev, AKA LockBitSupp, has been sanctioned by the governments of the US, Australia and the UK – and will face asset freezes and travel bans.

Graeme Biggar, Director General of Britain's National Crime Agency, said: "These sanctions are hugely significant and show that there is no hiding place for cyber criminals like Dmitry Khoroshev, who wreak havoc across the globe. He was certain he could remain anonymous, but he was wrong."

Operation Cronos seized LockBit's leak site in February.
Operation Cronos has now identified and sanctioned LockBit leader, LockBitSupp. Image: National Crime Agency, UK

The World Economic Forum reported on Operation Cronos in February, when LockBit’s technical infrastructure and its public-facing leak site on the dark web was seized after a months-long operation.

The Forum’s Cybercrime Atlas provides a platform for cybercrime investigators to generate actionable insights into cybercrime networks using open-source research.

3. News in brief: Top cybersecurity stories this month

The FBI in the US is getting closer to charging hackers from the Scattered Spider criminal gang, which has targeted dozens of American organizations, according to a senior official.

Cybercrime in Germany committed by foreign perpetrators rose by 28% in 2023, government data shows.

Technology firm Cisco Systems has revealed hackers exploited vulnerabilities in some of its digital security devices to breach government networks worldwide.

Singapore's parliament has passed new cybersecurity laws to tackle evolving threats and operational challenges faced by the Cyber Security Agency, ZDNET reported. The bill allows the CSA to better address modern cybersecurity challenges with a risk-based regulatory approach.

The Australian federal government has allocated significant funding for cybersecurity in its 2024-2025, reports CSO. It will invest $196.8 million over three years to ensure safe data collection, storage and accessibility for the 2026 Census.

Politicians and election officials in Britain are to be offered support to help protect them from hacks by foreign spies ahead of an election expected later this year.


4. More about cybersecurity on our blog

The financial sector is uniquely exposed to cyber risk and resulting losses could cause major disruptions, according to a new IMF report, which states that such incidents "could threaten financial institutions’ operational resilience and adversely affect overall macro-financial stability". Here's what you need to know.

With AI making the shift from science fiction to a tool many of us use daily, what risks and opportunities does it present in the context of cybersecurity? This article explains how to ensure your data remains safe in the age of AI.

As noted above, Australia recently announced major investments in cybersecurity and IT improvements. Last year, we reported on the Australian government's plan to boost its cybersecurity through “cyber health checks” for small- and medium-sized enterprises as well as awareness campaigns to boost cyber literacy. The strategy follows a succession of high-profile attacks and aims to position Australia as a world leader in cybersecurity by 2030.


How is the Forum tackling global cybersecurity challenges?

1. Hackers target UK Ministry of Defence2. LockBit cybercrime gang leader unmasked and sanctioned3. News in brief: Top cybersecurity stories this month4. More about cybersecurity on our blog

About Us



Partners & Members

  • Join Us

Language Editions

Privacy Policy & Terms of Service

© 2024 World Economic Forum