Here we go again, another hack by China whilst our weak government does nothing. Ministers and MPs kept the breach under wraps for weeks, but new details have emerged about the true scale of the intrusion and the suspected state sponsored actors behind it.

The Foreign, Commonwealth and Development Office (FCDO)

The primary target of the hack was the Foreign, Commonwealth and Development Office (FCDO). Specifically, the breach affected servers that the FCDO operates on behalf of the Home Office.

Minister for Trade Chris Bryant confirmed the incident in late December, describing it as a ‘technical issue in one of our sites’ that allowed unauthorised access. While the government says the vulnerability was closed quickly, the time between the breach in October and its public confirmation has raised questions about transparency, as with most things relating to China and this government.

What was stolen?

According to investigative reports from The Sun and The Independent, the damage may be extensive:

• Visa Applications: Hackers reportedly gained access to systems containing the personal details of tens of thousands of visa applicants.

• Confidential Documents: Thousands of sensitive internal documents and data files were allegedly retrieved during the breach.

• National Security Implications: Experts warn that such espionage is often used to build intelligence profiles on individuals or to map out the internal deliberations of the UK government.

Minister Bryant has sought to downplay the personal risk, stating the government is ‘fairly confident’ that there is a low risk to any specific individuals being harmed by the data loss. Utter nonsense, this is serious.

Storm 1849

While the UK government has been evasive about official attribution, intelligence sources and media reports have pointed the finger directly at China. From our contacts in the security industry, this has been confirmed as accurate.

The group responsible have been identified is Storm 1849, also known by cybersecurity researchers as ArcaneDoor. This group has a history of targeting political figures and organisations critical of the Chinese government and was previously linked to the 2024 cyberattacks on the UK Electoral Commission and various MPs.

The Political Fallout and Accusations

The timing of the hack is diplomatically awkward, to say the least. It comes just weeks before Prime Minister Keir Starmer’s planned visit to Beijing in late January 2026, the first such visit by a UK PM since 2018.

Shadow Foreign Secretary Priti Patel has led the charge against the Labour government, accusing them of turning a blind eye to Chinese aggression in an attempt to improve trade relations. Our ears are hearing swapping safety and security of the United Kingdom and its citizens for a £100m a year in trade. Other critics argue that the government’s refusal to officially blame China, despite intelligence pointing that way, is also a sign of weakness.

Let’s not forget the previous hacks, the new Super Embassy debacle, Chinese threats to the UK and the government collapsing a spy trial when they would not describe China as a threat.

Unsurprisingly, the Chinese Embassy in London has issued a stern denial. A spokesperson described the reports as false accusations and malicious smearing, asserting that China is a staunch defender of cybersecurity and a victim of hacking itself.

The October hack serves as a stark reminder of the grey zone warfare currently playing out between global powers. As the UK attempts to reset its relationship with China for economic reasons, this breach highlights the massive security risks that come with engaging an autocratic regime that views data as a primary tool of statecraft.