Specialists came across data of European policymakers on the murky web
June 03, 2024
Confidential information of numerous British and EU policymakers is accessible on shadowy web markets.
As per investigations conducted by Proton and Constella Intelligence, the email addresses and other confidential details of 918 British Members of Parliament, members of the European Parliament, and French legislators and senators can be found in the shadowy web markets. 40% of the total 2,280 official government email addresses from the British, European, and French Parliaments were exposed, including passwords, birth dates, and other particulars.
The majority of leaked data email addresses belong to British Members of Parliament (68%), followed by EU Members of Parliament (44%).
The analysts highlighted that French legislators and senators had the strongest security measures, with only 18% of scrutinized emails found in cybercrime forums and shadowy marketplaces.
Many of these Members of Parliament, Members of the European Parliament, legislators, and senators hold important positions, including committee heads, government ministers, and senior opposition leaders. These policymakers have access to highly sensitive information, and what is particularly concerning is that several of them are currently, or have previously been, members of committees responsible for overseeing and enforcing national and international digital strategies.
The presence of the emails on the shadowy web indicates that lawmakers utilized their official emails to register on third-party web services that underwent a data breach.
“The fact that these emails, which are publicly available on government websites, are circulating on the shadowy web isn’t a security lapse in itself. Nor does it serve as proof of a British, European, or French parliamentary hack.” stated the report. “Instead, it shows that politicians utilized their official email addresses to establish accounts on third-party websites (which were later hacked or breached), needlessly putting themselves and the information they are entrusted to safeguard at risk.”
What is even more alarming is that researchers managed to associate these email addresses with 697 unencrypted passwords. The specialists alerted affected lawmakers, highlighting that if a lawmaker reused one of these exposed passwords for their official email account, it could also be compromised.
It is surprising that British Members of Parliament have not been implicated in significant scandals due to account breaches, as 68% of scanned email addresses were discovered on the shadowy web, including influential figures from both the government and the opposition. MPs’ email addresses were exposed a total of 2,110 times on the shadowy web, with the most targeted MP facing up to 30 breaches. On average, breached MPs had their details appear in 4.7 breaches.
European Parliament members experienced fewer breaches compared to their British counterparts, but nearly half of the emails searched were located on the shadowy web. Out of 309 exposed MEPs, 92 were implicated in 10 or more leaks. EU politicians had their email addresses exposed 2,311 times, along with 161 plaintext passwords. This evokes concerns, as the European Parliament has increasingly become a target of state-sponsored attacks and acknowledges its lack of readiness.
Affected politicians have utilized their official email addresses to create accounts on numerous sites, including LinkedIn, Adobe, Dropbox, Dailymotion, petition websites, news services, and even, in a few instances, dating websites.
“Even though a hostile acquisition of one of these accounts may not grant an attacker (or foreign government) access to state secrets, it could unveil that lawmaker’s private communications or other sensitive data. Attackers could then leverage this information for phishing or blackmailing the politicians.” concludes the report.
“And this is the most favorable outcome. If a breached lawmaker reused a password that was exposed on the shadowy web for one of their official accounts (and did not utilize two-factor authentication), it could enable attackers to breach government systems. “
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, dark web)
About Author
