Labour MP Florence Eshalomi's Staffer Hit by Suspected Phishing Hack
L'essentiel
- Nearly 2,000 people, including Westminster journalists and public affairs professionals, were targeted by a phishing email after a suspected hack of a staffer of senior Labour MP Florence Eshalomi, chair of the House of Commons housing committee.
- The email, identified as a phishing attack by the Parliamentary Digital Service, attempted to secure account credentials.
- Eshalomi believes a senior staff member’s account was compromised after opening a malicious file from an external breached organization.
Résumé généré par IA
Pourquoi c'est important
Recent series of cyberattacks on Westminster bodies, including a 2024 attack on the Electoral Commission by a Chinese state-affiliated group.
LONDON — Nearly 2,000 people were targeted with a phishing email after the suspected hack of a staffer of senior Labour MP Florence Eshalomi. The email contained a malicious file — identified by the Parliamentary Digital Service as a phishing attack — that tried to secure the credentials of other accounts, according to an email seen by POLITICO, which was sent by Eshalomi to those targeted in the days following last week’s breach. Westminster journalists and public affairs professionals were among those alerted to the suspected attack. Eshalomi, who is chair of the House of Commons housing committee, told POLITICO she believes a senior staff member’s account was compromised after opening a similar file sent by an external organization that had also been breached. The Labour MP said she did not know how many people may have fallen victim, but that a staff member of another MP had visited her office last week “because their account had been hacked as well.” It took three days for those targeted to be alerted after the initial breach. Eshalomi said they were only able to identify the recipients of the phishing email after Westminster’s digital team regained access to the account. One person who received the bogus email, granted anonymity to discuss a sensitive issue, said the grammar used by the suspected hacker in the email was good, and they had avoided opening the malicious file only because they’d never previously spoken to the staffer and it “all felt weird.” While Eshalomi believes the suspected hackers took a “scattergun” approach to those contacted, she expressed concern over the apparent sophistication of the scheme. Those who responded to the original email with concerns about its legitimacy received reassuring responses from the suspected attackers that it was safe. It is unclear who is responsible for the attack, or whether they extracted information from the account during the breach. A series of cyberattacks on Westminster bodies have taken place in recent years. In 2024, the British government said an unidentified Chinese state-affiliated hacking group was behind a cyberattack on the Electoral Commission — the watchdog responsible for policing the U.K.’s election system. As chair of the Commons Housing, Communities and Local Government select committee, Eshalomi is currently leading a review of the U.K. government’s proposals to strengthen election rules and tackle hostile threats. But she said there is no evidence to suggest the attack was directly linked to her position. A parliamentary spokesperson declined to comment on individual cases, but insisted the institution has “robust measures” in place to help Westminster staff manage their digital safety.
À surveiller
Perspective IA — des possibilités, pas des certitudes
Increased cybersecurity measures in Westminster
Probable · En quelques semaines
Questions ouvertes
- Who is responsible for the attack?
- Was any information extracted from the compromised account?






