British MP William Wragg has admitted involvement in a Westminster sexting scandal when he shared colleagues’ phone numbers with a man he met on a dating app, WA Today reports.
Wragg, a Tory MP and vice-chair of the 1922 committee, gave the contact details of Westminster colleagues to a man he had previously met on Grindr and to whom he sent intimate photos of himself.
The MP for Hazel Grove, based in Greater Manchester, told The Times newspaper, which contacted him after speaking to victims who suspected he was involved, that he was “terrified” and the man “had compromising things on me”.
These colleagues – including several MPs, members of their staff and a political journalist – later received messages from senders using the pseudonyms “Charlie” or “Abi”.
At least 12 people working in and around parliament, including a sitting minister, were victims of the alleged phishing attack, raising fears that a hostile state could be responsible.
Politico reported on Wednesday that the victims received flirtatious messages, and in some cases explicit photos, in an attempt to lure them in.
The disclosure of Wragg’s involvement came after police confirmed that an investigation into the “honey trap” sexting scandal had begun. Leicestershire Police said it had launched an investigation into a report of “malicious messages” after “several unsolicited messages were sent to a Leicestershire MP last month”. Wragg, 36, who is openly gay, said:
“They had compromising things on me. They wouldn’t leave me alone. They would ask for people. I gave them some numbers, not all of them. I told him to stop. He’s manipulated me, and now I’ve hurt other people. I got chatting to a guy on an app and we exchanged pictures. We were meant to meet up for drinks but then didn’t. Then he started asking for numbers of people. I was worried because he had stuff on me. He gave me a WhatsApp number, which doesn’t work now. I’ve hurt people by being weak. I was scared. I’m mortified. I’m so sorry that my weakness has caused other people hurt.”
Politico reported that on 11 March, the acting minister received a message from “Charlie” who wrote that they used to work in Parliament and “flirted” in chat rooms. The minister replied, after which he blocked the number.
Another former MP was contacted by someone under the same pseudonym the same evening and sent a message saying: “Long time no see! Miss you in Westminster” and then: “I’m single again, so making the most of gay people in Westminster.”
“Charlie” went on to give the name of the MP they said they worked for, and sent an explicit photo the following day, when the former MP immediately blocked them. The Times reported that two MPs responded to “Charlie’s” requests to send back explicit images with photos of themselves.
Spear phishing is a term describing a targeted cyberattack on one or more victims to force them to disclose sensitive information.
Assessing the full scale of the spear phishing campaign is complicated by the fact that the messages emerged during the Easter holidays, when MPs are not present in Parliament.
On Thursday evening, all MPs and staff received a letter from Sir Lindsay Hoyle, the Speaker of the House of Commons, urging anyone who had received “unsolicited messages” of this nature to contact the Parliamentary Security Service.
Sir Lindsay said:
“The parliamentary security department continues to work closely with partners in government to analyse and understand the nature of these messages and any related security risk. I should stress that it would be unwise to speculate on their origin at this stage.”
He said parliamentary authorities will keep MPs informed of any developments and point them to resources where they can get cybersecurity advice. Politico reported that three people have already contacted parliamentary security. A parliamentary spokesman said:
“We provide members and staff with tailored advice, making them aware of security risks and how to manage their digital safety. We are encouraging anyone affected who has concerns to contact the parliamentary security department.”
Alicia Kearns, head of the Foreign Affairs Committee, said MPs and their staff “without question” needed better cyber security training. She added that she believed a foreign hostile state “or those working in their interests” could be responsible for the attacks. She said:
“The challenge for MPs and our staff is that the barrier for entry is so low, and the volume of attacks is so high – no matter how cyber aware or cautious you are, it is too easy to be tricked, and those waging these attacks are always ahead of us in creating new avenues to attack us.”
In November 2022, Wragg announced that he would not stand in the next general election.