The latest annual report from the U.K. Parliament's Intelligence and Security Committee (ISC) has disclosed that the U.K.'s Ministry of Defence suffered a cyberattack in which data was stolen.
Despite heavy redactions to protect sources and budgets from prying eyes, the admission was buried halfway through the document in a section detailing how the U.K. government can and is protecting itself against foreign cyberthreats and attacks.
"Government departments are also targeted via attacks on industry suppliers which may hold government information on their own systems," the report said. "We have been told that cyber espionage '[has] resulted in MOD data being stolen.' This has both security and financial consequences for the U.K."
The ISC report also noted that over 200 government email accounts across 30 departments were targeted in attempts to steal confidential or classified data. In some publicly documented cases, U.K. government websites were downed in denial-of-service attacks, which the report notes, by hackers and outside hacktivst groups.
The parliamentary report said the government's systems defenses are "reasonably well developed," though noted it was a constant challenge to ensure that the changing nature of cyberattacks did not keep the attacks from being prevented.
Government is not the only target for data thefts. In one documented case, the ISC report highlighted one unnamed company that lost "at least £800 million ($1.19bn)" through cyberattacks last year, in which data was stolen.
"The threat the UK is facing from cyber attacks is disturbing in its scale and complexity," the report noted. "The theft of intellectual property, personal details and classified information causes significant harm, both financial and non-financial."