UK’s MOD Data Breached: China Hacked Ministry of Defence, UK Armed Forces’ Personal Data Exposed

Written by Mitchell Langley

May 9, 2024

UK’s MOD Data Breached: China Hacked Ministry of Defence, UK Armed Forces’ Personal Data Exposed

The May 2024 MOD data breach has compromised the personal payroll information of Over 270,000 UK military personnel.

Over 270,000 Affected in MOD Data Breach  

The UK Ministry of Defence (MoD) had fallen victim to one of its biggest ever data breaches. A third-party payroll system used by the MoD to process payment details for Armed Forces personnel had been compromised, exposing sensitive personal information on over 270,000 individuals.

According to reports, a third-party payroll system used by the Ministry of Defence (MoD) to process payment details for the armed forces had been targeted in a malicious cyberattack.

“There are indications that a malign actor has compromised the armed forces payment network,”

Prime Minister Rishi Sunak said in a statement

The MOD payroll breach exposed the names, bank account information, and in some cases addresses of over 270,000 individuals from the Army, Navy and RAF.

The MoD immediately took the compromised external network offline and started investigating the scale of the data breach. 


China Suspected in the MOD Payroll Breach but Not Publicly Blamed

While state involvement could not be ruled out, the UK government did not directly accuse China over the MOD cyberattack.

However, China is considered the most likely perpetrator given past hacking attributed to Chinese groups. Defence experts also argued the stolen military personnel data could be used for future espionage or coercion.

The Conservative former leader Iain Duncan Smith told Sky News:

“This is yet another example of why the UK government must admit that China poses a systemic threat to the UK and change the integrated review to reflect that.

“No more pretence. It is a malign actor, supporting Russia with money and military equipment, working with Iran and North Korea in a new axis of totalitarian states.”

The timing of the incident, just weeks after similar allegations of Chinese interference in UK election systems, raised suspicions the MoD may have been an intentional target.

Lengthy Recovery Period Still Underway

From the initial MOD data breach disclosure, recovery and remediation efforts remain ongoing.

Defence Secretary Grant Shapps updated Parliament, acknowledging systems are still being restored from backups after extensive ransomware infiltration.

Residual issues may persist until all IT networks complete renovation. The MOD also continues bolstering cyber protections to safeguard against future damaging breaches.

Though salaries were paid on time, Defence Secretary Grant Shapps acknowledged in a parliamentary briefing that restoring backed-up systems after such a widespread ransomware infiltration would be a lengthy process.

“The defence secretary will make a planned statement to the House of Commons this afternoon setting out the multi-point plan to support and protect personnel.”

The MOD said in a statement

The personal data exposure left hundreds of thousands of armed forces members vulnerable. The MOD breach marked a severe incident compromising the UK’s military integrity as the damage had been done to military protocols and trust.

The MOD data breach highlights the persistent risks posed by sophisticated state actors in today’s digital battlegrounds. It also showed how significantly national security can be undermined through cyberattacks.

Related Articles

Stay Up to Date With The Latest News & Updates

Join Our Newsletter


Subscribe To Our Newsletter

Sign up to our weekly newsletter summarizing everything thats happened in data security, storage, and backup and disaster recovery

You have Successfully Subscribed!