Investigation finds nothing malicious in email received by UK Labour Party candidate

Ben Bradshaw, who has spoken up about Russian interference in British politics, claimed to have received a malicious email that turned out to be benign.
UK Labour candidate Ben Bradshaw (Adrian Midgley, Flickr)

After a candidate for office in the United Kingdom’s Labour Party claimed he was targeted by Russian hackers, an investigation has found that an email he received did not contain any malware.

Ben Bradshaw, who has spoken up about Russian interference in British politics, said Tuesday that he received a suspicious email purporting to be from a Russian whistleblower.

But after investigating the email, the National Cyber Security Centre (NCSC), one of the UK’s main cybersecurity agencies, and ProtonMail, the provider from which the email was sent, said it did not contain anything malicious.


Bradshaw later conceded that nothing in the email was malicious.

A report in The Guardian had claimed that the email used the signature of a Russian envoy and PowerPoint slide purportedly produced by Russia’s FSB intelligence agency. CyberScoop does not have access to the email needed to examine any attachments it reportedly contained.

Aric Toler, a researcher at Bellingcat, a publication that has investigated Kremlin spying operations, said his organization also received a suspicious email from the same ProtonMail account.


The owner of the ProtonMail account did not immediately respond to CyberScoop’s request for comment.

As a sitting member of British parliament, Bradshaw has accused Russia of influencing the 2016 UK vote to leave the European Union. Bradshaw and other UK lawmakers have also accused Prime Minister Boris Johnson of suppressing the release of a parliamentary report on Russian interference in British politics.

For their part, UK security officials have spoken in pointed terms about the cyberthreat from Russia. The NCSC last month called out a Russian hacking group by name, and has previously labeled Russian military activity in cyberspace “reckless.”

The recent leaking and dissemination of sensitive documents related to U.S.-UK trade talks again highlighted the prospect of foreign interference in British politics. A report published Monday by Graphika, a company that studies disinformation, said the leaking resembled a previous Russian disinformation operation.

The Dec. 12 UK general election, which will pit the incumbent Conservative Party against Labour and other parties, is effectively a referendum on how British leaders have managed the country’s pending departure from the European Union.


UPDATE, 12/16/19: This story has been updated with comments from the National Cyber Security Centre, ProtonMail, and Ben Bradshaw after the investigations of the email received by Bradshaw.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts