UK Electoral Commission Data Breach Exposes Millions of Registered Voters’ Data

• Written by Shipra Sanganeria Cybersecurity & Tech Writer

In a public notice , the UK Electoral Commission disclosed the hacking incident that comprised personal data of any individual who had registered to vote in the country between 2014 and 2022.

The incident came to light when a suspicious activity was detected on its systems in October 2022. Further investigation revealed that the perpetrators had first hacked into the servers in August 2021. The delay in identification and disclosure raises security concerns about why such an attack went unnoticed and unreported in the said 25 months.

In the attack, the unknown hackers accessed reference copies of the electoral registers retained by the Commission for permissibility checks on political donations and research purposes. The registers contained the name and address of UK voters who registered in the said 8-year period, as well as name and address of overseas voters.

The details of voters registered anonymously were not found in these registers.

Additionally, the Commission’s email system was also accessed by the threat actors, thereby exposing personal details of voters. The data includes name, home and email address, phone number, and any personal image shared with the Commission.

However, financial information like donations and loans to registered political parties and non-party campaigners remains secure. The Commission went on to assure the public that the overall electoral process, including voters’ registration status also remained unaffected.

Further downplaying the incident, it said that ‘’No immediate action needs to be taken in response to this notification. However, anyone who has been in contact with the Commission, or who was registered to vote between 2014 and 2022, should remain vigilant for unauthorized use or release of their personal data.’’

In the statement, the Commission revealed that it had taken the necessary steps to mitigate the security concerns, including bolstering the system against external attacks and protecting voters’ personal data. It also partnered with third-party security experts and the UK National Cyber Security Centre to investigate and enhance its security system.

Ad Fraud Targeting Korean Android Users Discovered in 43 Google Media Streaming Apps

• Written by Shipra Sanganeria Cybersecurity & Tech Writer

A recent investigation into Google Play Store apps revealed a fraudulent campaign followed by some developers. The malicious practice of invisible ads that is particularly directed at Korean Android users loads ads while the device screen is switched off.

McAfee’s Mobile Research Team in an advisory stated that initially this practice might seem user-friendly, however, it violates the Google Play Developer policy regarding the display of ads. The Ad Fraud practice not only adversely affects the advertisers but also harms the users in various ways.

Apps mainly consist of media streaming (TV/DMB Player, Music Downloader), news, and calendar applications with a collective 2.5 million installations, were discovered by the team. The discovery was immediately reported to Google, which immediately removed most of the apps. The others which remain have been updated to comply with Google’s policies.

Post installation, this ad fraud library employs sophisticated delay techniques (several weeks) to avoid detection and inspection by the users. In addition, its complicated configurations can be pushed and modified using Firebase Storage or Messaging service. Thus, making it difficult to identify and analyze the fraudulent behavior of these rogue apps.

The advisory stated that during the installation process, these malicious apps seek ‘’power saving and draw over other apps’’ permission, which helps them conduct discreet activities in the background. Users should beware from granting these permissions as it makes them susceptible to phishing and ad fraud campaigns, noted McAfee.

Post the latent period, the invisible ad fraud campaign begins whenever the unaware user’s device screen is turned off. This library registers device information and then retrieves the specific ad URL from Firebase Storage to display the ads. Such practices not only drain device battery life but also consume mobile data resources.

With the rise of smartphone malwares, it is essential that users remain vigilant while installing and granting permission to different apps.