Defence Secretary Grant Shapps has confirmed the name of the contractor running the Ministry of Defence’s payroll system that was hacked by China.
Mr Shapps told parliament that SSCL (Shared Services Connected Ltd) is the contractor and their work is being reviewed across government following the cyber attack – which China has denied.
The cabinet minister initially did not name the company operating the payroll, but told MPs that there is evidence of “potential failings” which “may have made it easier for the malign actor” to gain access to the bank details of service personnel and veterans.
In response, Labour’s shadow defence secretary John Healey said the government had “many serious questions to answer”, and went on to claim that “Shared Services Connected Ltd has the MOD contract for core payroll and other business services”.
Mr Shapps said in response: “He has named the contractor that was involved, I can confirm that’s the correct name, SSCL.
“I’ve requested from the Cabinet Office a full review of their work across government as well as within MoD, which is underway.”
Sky News revealed last night that the Chinese state had hacked the Armed Forces’ payroll system.
China has said the accusations were “completely fabricated and malicious slanders”.
Names, addresses and bank details of current Army, Royal Navy and RAF personnel and some veterans were exposed by the hack.
SSCL is a subsidiary of the Paris-based tech company Sopra Steria. The company is the largest provider of business support services for the government and the UK military, as well as the Metropolitan Police Service.
Its website says it provides payroll, HR and pension services to 230,000 military personnel and reservists, and two million veterans, with a “wholly safe and secure service” that is “data protected to the highest levels”.
Rishi Sunak earlier refused to name China as the hacker but said Beijing has “fundamentally different values to ours” and it is “acting in a way that is more authoritarian and assertive abroad”.
The prime minister said he wanted to reassure people the MoD has already removed the network, taken it offline and is “making sure the people affected are supported in the right way”.
In his statement to MPs, Mr Shapps said that “state involvement” cannot be ruled out but also did not name the suspected culprit, saying: “For reasons of national security, we can’t release further details of the suspected cyber activity behind this incident.”
He added: “However, I can confirm to the House that we do have indications that this was the suspected work of a malign actor and we cannot rule out state involvement.”
He also said: “We’ve launched a full investigation, drawing on Cabinet Office support and specialist external expertise to examine the potential failings of the contractor and to minimise the risk of similar incidents in the future.”
Mr Shapps said up to 272,000 service personnel may have been hit by the data breach and set out an eight-point plan to support and protect those potentially affected.
Initial investigations have found no evidence that any data has been removed, but affected armed forces personnel have been alerted as a precaution.
The payment network is “an external system completely separate to the MoD’s core network”, Mr Shapps stressed.
He apologised “to the men and women who are affected by this”, adding “it should not have happened”.
A spokesman for the Chinese embassy in London denied the country had anything to do with an MoD hack and said it had made “relevant responses” to accusations on the 25 and 27 March.
He accused the UK of politicising cyber security and claimed there was no factual evidence of China hacking the MoD.
Sky News has approached SSCL and Sopra Steria for a comment.
