Start your day with intelligence. Get The OODA Daily Pulse.
Stolen login details for Foreign Office staff and local council employees are being traded on dark web forums. The breach is part of a months-long campaign targeting government networks and raises fresh questions for the UK’s cyber insurance market. The National Cyber Security Centre (NCSC) issued an urgent alert on July 5 confirming a brute force attack on Fortinet firewall and VPN systems. Organisations have been directed to audit their networks and isolate any breached devices. The Telegraph first reported the breach. An operator using the handle “SantaAd” is offering stolen credentials on dark web forums for as much as US$60,000 (£44,000). The attack, dubbed FortiBleed by researchers, has been active since at least February 2026. More than 80,000 Fortinet firewalls have been compromised across 194 countries. Cybersecurity firm SOCRadar has verified a database of more than 86,644 working login credentials.
Full report : Russian Hackers Breach UK Government Data, Trading It for Up to $60,000 on the Dark Web.