British Parliament Targeted by Brute-Force Email Hackers

Poor Password Security Blamed Following Compromise of Up to 90 Accounts

Members of Parliament in Britain have had their remote email access suspended following an apparent brute-force hack attempt aimed at exploiting weak passwords to gain access to their accounts. Officials say fewer than 90 email accounts appear to have been breached.

Parliament officials say that the “sustained” effort by remote attackers appears to have resulted in a breach of up to 90 accounts. Initial reports have suggested attackers were attempting to brute-force guess weak passwords.

Parliament first confirmed the attack on Saturday and said that all remote access to email – outside of the Westminster estate, where Parliament meets – had been temporarily disabled. Thanks to incident response efforts over the weekend, however, officials say parliamentary business is continuing as scheduled on Monday.

“Parliament’s first priority has been to protect the parliamentary network and systems from the sustained and determined cyberattack to ensure that the business of the Houses can continue,” according to a statement issued by Parliament. “This has been achieved and both Houses will meet as planned today.”

Continue reading…