Question to the Cabinet Office:
To ask Her Majesty's Government what assessment they have made of the hacking of government department emails in the United States in December 2020; and whether they have identified who was responsible for that hacking.
Her Majesty's Government is acutely aware of the cyber security risks associated with the use of third-party digital services and software. The contracting authority for the procurement of any such product or service is responsible for assessing and managing that risk.
The reported compromise is a complex, global cyber incident, and the Government is working with international partners to understand its scale and assess any UK impact. As the investigation into this incident is ongoing I cannot comment on any operational details.
The National Cyber Security Centre has published guidance on their website.