CHINA stole names and bank details of Britain’s entire armed forces, government officials fear.
Some 270,000 people including regular troops, reservists and some veterans have been affected by an epic hack.
The Ministry of Defence launched a crisis response after discovering a suspected state-sponsored hack.
Thousands of personnel have also had address details stolen.
Defence officials refused to name the country or hackers behind the attack but insiders suspect China.
The Sun understands it was only discovered within the last 72 hours.
Defence officials are working with spies from GCHQ, the government’s listening post, the National Cyber Security Centre and the offensive Cyber Force as well as civilian contractors to grasp the scale of the crisis.
The MoD is also hiring contractors to provide beefed up civil fraud protections for those affected and to trawl the dark web to see if the data appears for sale or exploitation.
Sky News revealed that hackers broke into a payroll system run by civilian contractors.
A defence source told The Sun Special Forces, including the SAS and SBS, were not affected by the breach.
But their identities could still be revealed by their absence from the main database.
A source insisted salaries would still be paid on time. But they warned repayment of expenses would likely be delayed.
Beijing is thought to be accused of two or three attempts to hack MoD employees.
The attack is thought to have been carried out on a payroll system which included current service personnel, some officials and some veterans.
Mostly names and bank details have been exposed, the report said.
All salaries will be paid this month.
The contractor system attacked is not connected to the main MoD computer systems and had been taken down while a review is carried out.
The MoD is said to be assessing the scale of the hack.
The news comes less than two months after China’s “state-affiliated actors” were blamed by the Government for two “malicious” cyberattack campaigns in the UK.
Deputy Prime Minister Oliver Dowden told the Commons two incidents involved an attack on the Electoral Commission – responsible for overseeing elections and political finance – in 2021, and targeted attacks against China-sceptic MPs.
The head of Inter-Parliamentary Alliance on China (IPAC) Luke de Pulford said the revelation needed to be a “turning point”.
Conservative Sir Iain Duncan Smith and Labour’s Azfal Khan are also part of IPAC.
Previous cyber attacks against Government departments, contractors and MPs
March 2024
The UK and the United States accused China of a global campaign of “malicious” cyber attacks in an unprecedented joint operation to reveal Beijing’s espionage.
Britain publicly blamed China for targeting the Electoral Commission watchdog and for being behind a campaign of online “reconnaissance” aimed at the email accounts of MPs and peers.
The Electoral Commission attack was identified in October 2022, but the hackers had first been able to access the commission’s systems for more than a year, since August 2021.
December 2023
A Foreign Office minister told the Commons that private conversations of high-profile politicians and civil servants were compromised by Russia’s principal security service during “sustained” attempts to interfere in UK politics.
A cyber influence campaign by a group known as Star Blizzard, “almost certainly” a subordinate of an FSB cyber unit, had “selectively leaked and amplified information” since 2015.
July 2022
The British Army confirmed a “breach” of its Twitter and YouTube accounts. The channel featured videos on cyptocurrency and images of billionaire businessman Elon Musk.
The official Twitter account had retweeted a number of posts appearing to relate to NFTs (non-fungible tokens).
July 2021
The UK accused the Chinese government of being behind “systematic cyber sabotage” following a hacking attack which affected a quarter of a million servers around the world. The attacks, which took place in early 2021, targeted Microsoft Exchange servers.
April 2021
Britain accused Russia’s foreign intelligence service of being behind a major cyber attack on the West.
The Foreign, Commonwealth and Development Office (FCDO) said the National Cyber Security Centre (NCSC) had assessed that it was “highly likely” the SVR was responsible for the so-called SolarWinds hack.
July 2020
Britain, the United States and Canada accused Russian spies of targeting scientists seeking to develop a coronavirus vaccine.
The three allies said hackers linked to Russian intelligence were seeking to steal the secrets of research bodies around the world, including in the UK.
Mr de Pulford said: “This has to represent a turning point.
“These are actions suited to hybrid warfare, not the ‘mutual respect’ of which Beijing and London regularly boast.
“China under Xi Jinping is not a friend.
“Remove the blinkers. Our China strategy has failed. We need some realism fast.”
Read more on the Scottish Sun
Sir Iain told Sky News: “This is yet another example of why the UK government must admit that China poses a systemic threat to the UK and change the integrated review to reflect that.
“No more pretence, it is a malign actor, supporting Russia with money and military equipment, working with Iran and North Korea in a new axis of totalitarian states.”
2
