MoD investigates claims that Russian hackers swiped sensitive military documents

The Ministry of Defence is investigating claims that Russian hackers have stolen hundreds of sensitive military documents and published them on the dark web. The files hold details of eight RAF and Royal Navy bases as well as Ministry of Defence (MoD) staff names and emails, it is reported.

Cybercriminals reportedly accessed the cache of files by hacking a maintenance and construction contractor called Dodd Group. A Ministry of Defence spokesperson said: "We take a robust and proactive approach to cyber threats that could pose risks to national interests. We are actively investigating claims that information relating to the MoD has been published on the Dark Web.

"To safeguard sensitive operational information, we will not comment any further on the details."

A Dodd Group spokesperson said: "We can confirm that the Dodd Group recently experienced a ransomware incident whereby an unauthorised third-party gained temporary access to part of our internal systems. We took immediate steps to contain the incident, swiftly secure our systems and engaged a specialist IT forensic firm to investigate what happened.

"While our forensic investigation is ongoing, we are aware of claims that data taken from our systems have been published online. We are taking these claims extremely seriously and are working hard to validate this. We are in contact with our customers and colleagues and have also notified the relevant regulatory authorities and law enforcement."

The Mail On Sunday reported that leaked documents contain information about several sensitive RAF and Navy bases, including RAF Lakenheath in Suffolk, where the US Air Force's F-35 jets are based.

They also include details of contractors' names, car registrations and mobile numbers, as well as MoD personnel's names and email addresses. Some documents accessed by the Russian hackers are marked 'Controlled' or 'Official Sensitive'.

The hack follows a series of high-profile data breaches at the MoD.

Personal data of service personnel and veterans, including names, bank details and some addresses, was in the payroll system, which was accessed in the large-scale hack, revealed last year.

Colonel Phil Ingram, a former member of the Intelligence Corps who also served in Iraq and the Balkans, labelled the breach as a "catastrophic security failure."

He told the Mail on Sunday: "Any sensitive information, from emails to mobile phone numbers, will be useful to our enemies.

"This is yet another embarrassing breach of the MoD's supply chain compromising sensitive data. There doesn't seem to be a week going by without another MoD-related breach and no sign of accountability.

"It is likely a reflection on the creaking IT infrastructure the MoD has, its rigid, outdated processes and simple lack of care."

Up to 272,000 service personnel may have been affected.

The same year, the Government covertly set up the Afghanistan Response Route for people in the country whose details were leaked "in error" by a defence official in February 2022.