Russian hackers steal login credentials of British officials in FortiBleed attack
Russian hackers have stolen email credentials of British government officials and are selling them on dark web forums for up to $60,000, according to a Telegraph report. The ongoing attack, dubbed FortiBleed, exploited a vulnerability in Fortinet firewalls, compromising over 80,000 devices and exposing sensitive systems including the NHS and energy suppliers.
What happened
Russian hackers have stolen login credentials of British government officials and gained access to their email accounts, according to a report by The Telegraph. The attack, known as FortiBleed, exploited a vulnerability in Fortinet firewall systems, allowing attackers to bypass security barriers protecting critical national infrastructure. The breach is ongoing as of Sunday evening, 5 July 2026.
Scope of the compromise
A list of compromised accounts seen by The Telegraph shows that credentials of Foreign Office staff abroad and local government officials across the UK were taken. This includes IT staff at British embassies in Thailand and Mauritius, as well as employees of Derbyshire county and the London borough of Waltham Forest. The attack involved email addresses and corresponding passwords, exposing sensitive government systems.
Dark web marketplace
The stolen credentials are being offered for sale on dark web forums, with prices reaching up to $60,000. Among the data for sale are login details for the National Health Service (NHS), energy suppliers, and key pharmaceutical distributors nationwide. The availability of these credentials raises the risk of further infiltration into Whitehall departments and critical services.
Attribution and state involvement
Security researchers have not yet established a link to the Russian state. While the hackers are described as Russian, there is no confirmed evidence of government involvement. The attack is being treated as a sophisticated cybercriminal operation.
Potential consequences
The breach could trigger a catastrophic incident for the NHS, according to the report. With access to NHS and energy supplier credentials, attackers could disrupt essential services. The compromise of over 80,000 Fortinet firewalls underscores the scale of the vulnerability.
The breach could trigger a 'catastrophic' incident for the National Health Service (NHS).


