UK Secretary of State for Defence Grant Shapps confirmed Tuesday that a cybersecurity incident had taken place involving the UK Armed Forces payment network, in an oral statement before the House of Commons. Shapps said the Ministry of Defence (MoD) had identified a security breach in the network that involved the leaks of data of some 272,000 UK Armed Forces personnel.

Shapps did not initially name the contractor involved, which is operated by an external agency, and was reluctant to name China. However, China issued a statement to refute the accusation and Shapps stated that “state involvement cannot be ruled out” before another MP prompted him to confirm it was China.

While no data is believed to have been removed, the MoD has alerted all affected service personnel and sent letters to some retired veterans who may have been impacted as a precaution. A full investigation is underway to examine any potential failings by the contractor. The MoD has also launched an 8-point plan to secure the network and protect personnel. This includes taking the system offline, setting up a helpline for support, providing data protection monitoring and reviewing all MoD personnel data security.

Shapps said the network breached is “entirely separate from MoD systems,” but that the incident showed the evolving cyber threats faced by the UK. He apologized to those affected and pledged to ensure it cannot happen again.

Shadow Defence Minister John Healey, a member of the opposition Labour Party, went on to say the government had “many questions to answer” and claimed that the MoD contractor responsible was Shared Services Connect Ltd. Shapps confirmed, “that’s the correct name SSCL.”

The Chinese Embassy in London responded, saying:

The said accusation made by the UK side is nothing but a fabricated and malicious slander. It is extremely absurd and despicable. We strongly condemn it.

China has all along been fighting cyberattacks according to law. We firmly oppose any groundless accusations against China out of political motives.

We urge the UK side to stop spreading disinformation, and stop such self-staged political farces.

The announcement comes as China has increased its actions in the UK, with the Crown Prosecution Service charging a parliamentary researcher and another with espionage on behalf of China in March. The UK has also held Chinese state-affiliated organizations responsible for cyber campaigns targeting democratic institutions. The UK Electoral Commission previously disclosed in August 2023 that it experienced a cyberattack that allowed “hostile actors” to access electoral registers containing the names and addresses of voters from 2014 to 2022.