UK Government Confirms Data Theft in Suspected Chinese-Linked Cyberattack
The UK government has acknowledged that sensitive data was stolen in a cyberattack targeting systems operated by the Foreign Office on behalf of the Home Office. Trade Minister Chris Bryant confirmed the breach, stating that the security vulnerability was swiftly addressed and that the risk to individuals remains "low." While officials have not publicly attributed the attack, sources suggest a China-affiliated group is suspected.
The incident, reportedly occurring in October, may have involved visa-related information. It has been referred to the Information Commissioner’s Office (ICO) for further investigation. UK intelligence agencies, including GCHQ, have previously warned of escalating cyber espionage efforts by China, which they describe as the most significant threat to national security.
The breach comes at a delicate time, as Prime Minister Sir Keir Starmer prepares for a planned visit to Beijing next year—the first by a UK leader since 2018. The Labour government has emphasized the necessity of engaging with China on trade, climate, and global governance while acknowledging the security risks posed by Beijing. China has consistently denied involvement in cyberattacks against the UK.
Cybersecurity experts note that government departments often rely on outdated IT systems, making them vulnerable to persistent threats. The incident underscores the ongoing challenge of balancing diplomatic relations with national security concerns.
Source: https://www.bbc.com/news/articles/cj4qpwprw9vo
Foreign, Commonwealth and Development Office cybersecurity rating report: https://www.rankiteo.com/company/foreign-commonwealth-and-development-office
"id": "FOR1766152814",
"linkid": "foreign-commonwealth-and-development-office",
"type": "Breach",
"date": "10/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Public Sector',
'location': 'United Kingdom',
'name': 'UK Home Office / Foreign Office',
'type': 'Government'}],
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': 'Possible',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Government data, possibly visa '
'details'},
'description': 'Government data has been stolen in a hack though officials '
"believe the risk to individuals is 'low'. The data is "
'understood to have been on systems operated on the Home '
"Office's behalf by the Foreign Office, whose staff detected "
'the incident. A Chinese-affiliated group is suspected of '
'being behind the attack.',
'impact': {'data_compromised': 'Government data, possibly including visa '
'details',
'identity_theft_risk': 'Low',
'systems_affected': 'Systems operated by the Foreign Office on '
'behalf of the Home Office'},
'investigation_status': 'Ongoing',
'motivation': 'Espionage',
'post_incident_analysis': {'root_causes': 'Old IT systems may have been '
'exploited'},
'recommendations': 'Government departments need to invest in better digital '
'defences and update old IT systems.',
'references': [{'source': 'BBC News'},
{'source': 'The Sun'},
{'source': 'Times Radio'}],
'regulatory_compliance': {'regulatory_notifications': 'Referred to the '
'Information '
"Commissioner's Office"},
'response': {'containment_measures': 'Security gap was closed quickly'},
'threat_actor': 'Chinese-affiliated group',
'title': 'Government data stolen in hack, minister confirms',
'type': 'Data Breach'}