Public Services > Central Government

Scottish Parliament targeted in cyber attack

Matteo Natalucci Published 16 August 2017

Hackers attempted to access numerous MSPs' email accounts by systematically and repeatedly trying to break their passwords


IT systems at the Scottish Parliament have been targeted by a "brute force" cyber-attack from “external sources.” 

Holyrood officials said they were not aware of any compromised email accounts and warned MSPs and their staff to be cautious when opening emails from external sources.

This attack appears to be targeting parliamentary IT accounts in a similar way to that which affected the Westminster Parliament in June. In that incident, up to 90 email accounts with weak passwords were accessed.

Paul Grice, Holyrood’s chief executive, said, "The parliament's monitoring systems have identified that we are currently the subject of a brute force cyber attack from external sources. Symptoms of the attack include account lockouts or failed log-ins".

“The parliament’s robust cybersecurity measures identified this attack at an early stage and the additional security measures which we have in readiness for such situations have already been invoked. Our IT systems remain fully operational,”, he added.

Grice urged MSPs and staff to update and strengthen their passwords with longer and stronger combinations of letters, numbers and special characters.

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.