Armed forces personnel bank data compromised in Ministry of Defence hack

Image: PA

The Ministry of Defence has been the target of a large-scale data breach, it is understood.

Sky News has reported that China was behind the cyberattack.

A third-party payroll system has been hacked, potentially compromising the bank details of all serving Royal Navy, Army, and Air Force personnel and some veterans. A very small number of addresses may also have been accessed. It is unclear exactly how many people’s data has been compromised.

The system is not connected to the main MoD computer, and no operational data has been accessed.

The department took immediate action when it discovered the breach, taking the external network, operated by a contractor, offline.

It is understood that initial investigations have found no evidence that data has been removed.

However affected service personnel will be alerted as a precaution and provided with specialist advice. Veterans’ organisations are also being contacted. They will be able to use a personal data protection service to check whether their information is being used or an attempt is being made to use it.

All salaries were paid at the last payday, with no issues expected at the next one at the end of this month, although there may be a slight delay in the payment of expenses in a small number of cases.

The Government will inform MPs of the breach when Parliament returns on Tuesday, although ministers will not name the country behind it.

The MoD has been working at speed to uncover the scale of the attack since it was discovered several days ago, according to Sky News.

Writing on X (formerly Twitter), Labour’s shadow defence secretary John Healey said:

So many serious questions for the Defence Secretary on this, especially from Forces personnel whose details were targeted.

Any such hostile action is utterly unacceptable.

Parliament will expect a full Commons statement tomorrow

John Healey MP

Shadow defence secretary, on X (formerly Twitter)