{"id":56032,"date":"2024-05-10T15:21:27","date_gmt":"2024-05-10T15:21:27","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/35865\/MoD-Contractor-Hacked-By-China-Failed-To-Report-Breach-For-Months.html"},"modified":"2024-05-10T15:21:27","modified_gmt":"2024-05-10T15:21:27","slug":"mod-contractor-hacked-by-china-failed-to-report-breach-for-months","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/mod-contractor-hacked-by-china-failed-to-report-breach-for-months\/","title":{"rendered":"MoD Contractor Hacked By China Failed To Report Breach For Months"},"content":{"rendered":"
<\/div>\n

The IT company targeted in a Chinese hack that accessed the data of hundreds of thousands of Ministry of Defence<\/a> staff failed to report the breach for months, the Guardian can reveal.<\/p>\n

The UK defence secretary, Grant Shapps, told MPs on Tuesday that Shared Services Connected Ltd (SSCL) had been breached by a malign actor and \u201cstate involvement\u201d could not be ruled out.<\/p>\n

Shapps said the payroll records of about 270,000 current and former military personnel, including their home addresses, had been accessed<\/a>. China has not been openly named by the government as the culprit.<\/p>\n

The MoD was told of the hack in recent days but a number of sources said SSCL, an arm of the French tech company Sopra Steria, became aware of the breach in February.<\/p>\n

Sopra Steria did not respond to requests for comment.<\/p>\n

One Whitehall insider did not comment on the timeframe but said that concern about SSCL being \u201cslow to respond\u201d was one of the issues being examined in an official inquiry into the hack.<\/p>\n

It can also be revealed that SSCL was awarded a contract worth more than \u00a3500,000 in April to monitor the MoD\u2019s own cybersecurity \u2013 several weeks after it was hacked. Officials now believe this contract could be revoked.<\/p>\n

The payroll data that was hacked reflects only a fraction of the work SSCL does for the government.<\/p>\n

Sopra Steria and SSCL are understood to have other undisclosed government cybersecurity contracts, according to Whitehall sources. However, these are deemed so sensitive that they have never been publicly disclosed. The Cabinet Office declined to comment on the detail of contracts, citing security restrictions.<\/p>\n

The cybersecurity arm of the UK\u2019s intelligence services, the National Cyber Security Centre, has warned of a growing threat<\/a> to the country\u2019s businesses and critical national infrastructure from hostile states. Chinese and Russian state-sponsored actors were highlighted among attackers using a range of routes to try to hide malicious activity on networks containing sensitive information.<\/p>\n

Whitehall worries over a lack of transparency by SSCL have raised concerns that there could be a wider compromise of its systems. Sopra Steria is one of a handful of strategic suppliers to the government, with work ranging from administering pensions to wider payments systems for government departments and agencies.<\/p>\n

Shapps told parliament<\/a> that the government had \u201cnot only ordered a full review of its [SSCL\u2019s] work within the MoD, but gone further and requested from the Cabinet Office a full review of its work across government, and that is under way\u201d. He added that specialists had been brought in to carry out a \u201cforensic investigation\u201d of how the breach happened.<\/p>\n

skip past newsletter promotion<\/a><\/p>\n