A spokesperson for Derby City Council said:

Yesterday (Tuesday 8 August), the Council was made aware that the Electoral Commission had been the victim of a cyber-attack. Suspicious activity was detected in October 2022 however, the systems were first accessed in August 2021.

During the cyber-attack, perpetrators gained access to the Commission’s servers where copies of electoral registers are stored. The registers held at the time of the cyber-attack include the name and address of everyone registered to vote in the UK between 2014 and 2022, including those registered as overseas electors but did not include the details of voters who registered anonymously.

Whilst the data contained in the electoral registers is limited and much of it is already in the public domain, we understand that residents may be concerned about the safety of their personal information. The Electoral Commission are confident that the information affected during this breach does not pose a high risk to individuals and we are working with the Electoral Commission and Information Commissioner’s Office (ICO) to fully understand any local implications for both Derby City Council and its residents.

More information can be found on the Electoral Commission website.