Bottom Line: Stolen access credentials from British authorities and infrastructure providers are being marketed on the dark web, including NHS accounts, energy suppliers, and pharmaceutical vendors.
Hackers have stolen login credentials of British government officials and local authority staff and are selling them on the dark web. The attack exploited a security vulnerability and also affects healthcare and critical infrastructure accounts.
According to reports in the British Telegraph, attackers have compromised access credentials of British government officials and local authority staff. The attack was still active on Sunday evening and is known under the designation “FortiBleed”. Stolen were email addresses and associated passwords; the attackers exploited a security vulnerability and used previously stolen data to circumvent protective barriers.
The range of compromised accounts includes staff at the British Foreign Office abroad as well as local authorities in several regions of Great Britain. Specifically affected are IT staff of British embassies in Thailand and Mauritius, staff of the English county Derbyshire and the London borough of Waltham Forest. The attack extends further to accounts of the National Health Service (NHS), energy supply companies and major pharmaceutical suppliers across the country.
The stolen access credentials are currently being offered for sale in dark web forums. Security researchers have so far not confirmed any reliable state Russian involvement in the attack, although the hackers are mentioned in media reports in this context.
Source: www.it-daily.net · Published 6 July 2026
Lumi AI News — AI-assisted curation in accordance with Article 50 EU AI Act. Paraphrasing and classification by Lumi News Pipeline v1.7.3.