Over two thirds of MPs have had their data leaked on the dark web, new study finds
Nearly 450 MPs have had their personal information exposed on the dark web, according to new research.
The study, conducted by Proton in partnership with Constella Intelligence, found over two thirds of MPs had been exposed by hacks or breaches of third party services they’ve signed up to using their parliamentary email.
MPs affected include cabinet ministers, opposition front benchers, as well as those on committees that look after the UK’s cybersecurity.
In total, MPs' emails were exposed a total of 2,110 times on the dark web, with the most frequently targeted MP experiencing up to 30 breaches, the study found.
Some 216 passwords associated with MPs’ breached accounts have also been exposed, and researchers said this could constitute a serious national security issue.
If an MP reused one of these exposed passwords to protect their official email account, it could also be at risk.
MPs’ online presence was also affected, with Instagram profiles leaked 16 times, LinkedIn profiles 117 times, Twitter handles 21 times and Facebook accounts 21 times.
When Facebook accounts are compromised, hackers have access to personal data, including home address, mobile number, bank account details, and contacts. They can also access voice data and their photos.
The study further found British MPs demonstrated worse account security than their European and French counterparts.
Less than half of MEPs (44 per cent) had their personal information exposed on the dark web, and just 18 per cent of the French National Assembly and Senate.
Criminals often carry out what is known as a “credential stuffing attack”. This means entering thousands of stolen passwords and email addresses across various platforms, exploiting the fact that people frequently reuse passwords.
Eamonn Maguire, Head of Account Security at Proton, said: “In today's digital landscape, robust cybersecurity practices are crucial, especially for those in positions of power. A single leaked password can lead to severe national security breaches, given the access that MPs possess.
“Many people underestimate their vulnerability, but the reality is that everyone is a potential target. Vigilance is essential for anyone in the public eye to safeguard both personal and national security, and we call on the new government after the General Election to take cybersecurity seriously, and for all MPs to adopt better account security practices."