For sale at £6.49 on the Net: mobile numbers of PM and 25 of her Cabinet Ministers
Experts fear they could be targeted by foreign powers
THE personal mobile phone numbers of the Prime Minister and 25 of her Cabinet Ministers are being sold on the internet, The Mail on Sunday can reveal.
They can be accessed on a shady US website charging just £6.49 for access to the information, which cyber experts warn could be used by China and Russia to spy on senior Government figures.
Phone numbers and other personal data for Liz Truss, Chancellor Kwasi Kwarteng, Defence Secretary Ben Wallace, Foreign Secretary James Cleverly and Home Secretary Suella Braverman are among those listed on the site. Labour leader Sir Keir Starmer’s phone number is also on there.
On the eve of the Conservative Party conference, Ministers were last night assessing the threat with national security advisers, after the MoS alerted them to the breach, which also included email addresses and passwords.
The Cabinet Office said it was investigating and that some of the information was old. But the MoS confirmed that the data haul contained 26 current phone numbers for the Cabinet, including Ms Truss’s
A former British intelligence officer last night called the breach ‘truly shocking’ and warned that private information could be targeted using software that plants a virus on the phone via a text message.
Subscribers to the US website, which this newspaper is declining to name, can simply search for any information by typing in someone’s name. The website takes just seconds to trawl through data stolen in cyber attacks going back more than a decade. The site claims to have more than 14 billion files of ‘compromised assets’ on its searchable database.
The people behind the website remain a mystery. The webpage lists a phone number which rings out unanswered. Its office is listed in a downmarket area of Las Vegas – far from the glitz and glamour of the Sin City strip. But when an MoS reporter visited on Friday to ask about who runs the site, they discovered the office was a scruffy, prefab used as a service address for hundreds of companies.
A receptionist said: ‘I cannot tell you that information. Honestly I cannot tell you anything.’
After paying a £6.49 fee to access the site for a week, it took the MoS seconds to find the Prime Minister’s personal mobile number.
A search for ‘Elizabeth Truss’ returned an entry which appeared to contain a mobile phone number that the website stated had been stolen in a 2020 hack on Covve, a popular digital contacts book. When our reporter added the phone number to WhatsApp, the profile came up with a photo of the Prime Minister taken last Christmas.
We checked and later confirmed that Ms Truss has used the number since at least 2011. This newspaper also checked and confirmed that the site had the current phone numbers for the entire Cabinet apart from Deputy PM Therese Coffey and Northern Ireland Secretary Chris Heaton-Harris.
Seven Labour frontbenchers had current numbers on there, including Shadow Foreign Secretary, David Lammy, Shadow Health Secretary Wes Streeting, and former leader Ed Miliband, who is Shadow Climate Secretary.
Our reporters checked the site for numbers of senior members of the military and intelligence agencies but did not find any.
Experts warn mobile phones are particularly vulnerable to attack from hackers. An Israeli system called Pegasus – which gains access to phones without the owner knowing – was allegedly used by Saudi Crown Prince Mohammed bin Salman to hack Amazon founder Jeff Bezos. And Dubai’s ruler Sheik Mohammed used it on his ex-wife Princess Haya and five associates, a judge said last year. Colonel Philip Ingram MBE, a former British intelligence officer and cyber security expert, said: ‘The fact that these phone numbers of the Prime Minister and her Cabinet colleagues are out there on the internet is a phenomenal security breach. It is truly shocking and concerning, and is going to cause ructions within Government. The amount of business that is done by Ministers and Opposition leaders on WhatsApp groups and other phone apps means that mobile phones are a weak point of entry for Britain’s enemies.’
Col Ingram said spy software can be launched on phones with a text message, which does not even have to be opened, just received. ‘Pegasus gains access to just about anything on that device. It runs away in the background and the phone’s user would not be aware of it,’ he warned. ‘And you can guarantee that other nations such as Russia and China are using very similar software – China leads the way in developing tools like this. ‘The US used something similar to spy on German chancellor Angela Merkel’s phone for decades.
From a nation-state point of view, this is a huge data breach. If you have got the likes of the Prime Minister, the Chancellor and the Defence Secretary’s phone numbers out there, then God knows what is leaking.’
Security analyst Professor Anthony Glees, from the University of Buckingham, said: ‘If you can get into someone’s phone, you can track their whereabouts, who they are communicating with and all sorts of things that would help the enemy. You can find out if they are having an affair or anything else you could use as blackmail.
‘The UK is perhaps the strongest supporter of Ukraine in its war
Starmer’s number is also on the list ‘This is a phenomenal, shocking, security breach’
against Russia. We need to be on high alert.’
A Cabinet Office spokesman said: ‘We take cyber security extremely seriously and we have agencies like the National Cyber Security Centre to help business and individuals protect their personal information from cyber threats.
‘The Government is aware that websites exist that aggregate details from historical data breaches, therefore much of the data on these websites is old and incorrect. Ministers receive regular security briefings and advice, including advice on protecting their personal data and mitigating cyber threats.’