Russian Hackers Breach UK Government Email Accounts in Major Cyberattack

First seen 5 Jul 2026, 22:49 UTC | Aol, Cryptobriefing, www.telegraph.co.uk | 85% similarity | 78.0

Article Content

Russian hackers, linked to APT28, have compromised email accounts of UK government and Foreign Office officials, utilizing DNS hijacking to intercept login credentials. The attack, identified as part of a broader campaign, exploited vulnerabilities in over 18,000 networks and targeted high-value officials. The breach allows unauthorized access to sensitive systems, with potential implications for national security and critical infrastructure. The National Cyber Security Centre (NCSC) has issued warnings and recommended mitigations, including firmware updates and two-step verification. The ongoing nature of the attack raises concerns about further infiltration and data harvesting. Dark web forums are reportedly trading access to the stolen credentials. The breach highlights the evolving tactics of state-sponsored cyber espionage.

Key Points:
• APT28, a Russian hacking group, used DNS hijacking to steal UK government email credentials.
• Over 18,000 networks were compromised, allowing access to sensitive government systems.
• The NCSC has recommended immediate mitigations to protect against further exploitation.

ThreatCluster AI

Timeline

2026-04-07: NCSC flags APT28's campaign
The National Cyber Security Centre warned of APT28 exploiting vulnerable internet routers for DNS hijacking.
Source: Cryptobriefing

2026-07-05: Major breach reported
Russian hackers infiltrated UK government email accounts, compromising sensitive credentials.
Source: Aol

Recent: Dark web trading of stolen credentials
Access to compromised government accounts is being sold on dark web forums for up to $60,000.
Source: Aol
