The Ministry of Defence has suffered a significant data breach and the personal information of UK military personnel has been hacked.
A third-party payroll system used by the MoD, which includes names and bank details of current and past members of the armed forces, was targeted in the attack. A very small number of addresses may also have been accessed.
The department took immediate action and took the external network, operated by a contractor, offline.
Initial investigations found no evidence that data had been removed, according to the BBC and Sky, who first reported the story. The Guardian understands MPs will be addressed on the matter in the Commons on Tuesday, with Grant Shapps, the defence secretary, expected to make a statement in the afternoon.
Ministers will blame hostile and malign actors, but will not name the country behind the hacking.
Affected service personnel will be alerted as a precaution and provided with specialist advice. They will be able to use a personal data protection service to check whether their information is being used or an attempt is being made to use it.
All salaries were paid at the last payday, with no issues expected at the next one at the end of this month, although there may be a slight delay in the payment of expenses in a small number of cases.
The shadow defence secretary, John Healey, said: “So many serious questions for the defence secretary on this, especially from forces personnel whose details were targeted.
“Any such hostile action is utterly unacceptable.”
The MoD first discovered the attack several days ago and has since been working to understand its scale and impact. In March the UK and the US accused China of a global campaign of “malicious” cyber-attacks, in an unprecedented joint operation to reveal Beijing’s espionage.
Britain blamed Beijing for targeting the Electoral Commission watchdog in 2021 and for being behind a campaign of online “reconnaissance” aimed at the email accounts of MPs and peers.
In response to the Beijing-linked hacks on the Electoral Commission and 43 individuals, a front company, Wuhan Xiaoruizhi Science and Technology Company, and two people linked to the APT31 hacking group were placed under sanctions.
But some of the MPs targeted by the Chinese state said the response did not go far enough, urging the government to toughen its stance on China by labelling it a “threat” to national security rather than an “epoch-defining challenge”.
The Conservative former leader Iain Duncan Smith repeated those calls, telling Sky News: “This is yet another example of why the UK government must admit that China poses a systemic threat to the UK and change the integrated review to reflect that.
“No more pretence. It is a malign actor, supporting Russia with money and military equipment, working with Iran and North Korea in a new axis of totalitarian states.”
In a statement on Tuesday morning, the MoD said: “The defence secretary will make a planned statement to the House of Commons this afternoon setting out the multi-point plan to support and protect personnel.”
A spokesperson for the Chinese foreign ministry said Beijing opposed and fought all forms of cyber-attack and it rejected using the issue for political ends to smear other countries.