The Office for National Statistics is investigating reports that hacker group Lulz Security, or LulzSec, may have succeeded in hacking into the database of the UK's 2011 Census.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
"We are aware of the suggestion that census data has been accessed. We are working with our security advisers and contractors to establish whether there is any substance to this," says a statement on the census website.
"The 2011 Census placed the highest priority on maintaining the security of personal data. At this stage we have no evidence to suggest that such a compromise has taken place," the statement concludes.
Scotland Yard has announced the arrest of a 19-year-old hacker in Essex, but would not confirm whether the arrest was connected to a distributed denial of service (DDoS) attack on the website of the Serious Organised Crime Agency (SOCA) or the alleged breach of the census website.
Officers from the Police Central e-Crime Unit (PCeU) arrested the alleged member of LulzSec last night on suspicion of breaching the Computer Misuse Act, and searched a house in Wickford, Essex, where they seized computer equipment which will undergo forensic examination. The FBI and local Essex police worked in co-operation with the PCeU to investigate the case.
Series of hacking attacks
"The controversial LulzSec group has been playing a dangerous game - its Twitter account, which has more than 220,000 followers, has become increasingly vocal - embarrassing computer crime authorities and large organisations around the world with its attacks," said Graham Cluley, senior technology consultant at security firm Sophos.
"There has been much speculation recently regarding who might be behind LulzSec. If the group has now been cracked, then it will send a strong message to others thinking about engaging in their own hacks or denial of service attacks," he said.
Census records stolen?
LulzSec, which has launched an anti-government campaign and claimed responsibility for the DDoS attack on the SOCA website, now claims in an online posting to have obtained the records of every single citizen who gave their information to the "security-illiterate UK government" in the 2011 census.
The posting says the database will be published through file-sharing website The Pirate Bay. "We're keeping them under lock and key though... so don't worry about your privacy (...until we finish re-formatting them for release)," the posting says.
Photo by Khairil Zhafri on Flickr