A government-commissioned red teaming exercise has found that One Login, the UK’s flagship digital identity platform, can be compromised without triggering any alerts.
The test, carried out by the National Cyber Security Centre’s Cross-Government Red Team, revealed serious gaps in the system’s ability to detect and respond to intrusions. One Login is intended to provide a single, secure sign-in for services like tax, pensions and benefits.
Over 2 million users are already enrolled, but the findings raise concerns about whether the platform is safe for wider rollout. A Cabinet Office spokesperson said the exercise was “routine best practice” and confirmed improvements are being made, but offered no technical details.
Experts say silent compromise of a national identity system could expose millions to fraud, data theft or service disruption, especially if undetected for long periods.
Although this was a simulated attack and no real data was exposed, the key concern is that One Login failed to detect the breach, showing a weakness in spotting intrusions. For businesses, the lesson is that detection matters as much as prevention. Regular testing and active monitoring are vital to catch threats before they cause damage.
