Cyber Incident Victim: Britain First

On April 12, 2017, the far-right group Britain First experienced a coordinated cyberattack targeting multiple digital platforms. The incident compromised the Twitter accounts of leader Paul Golding and deputy Jayda Fransen, with Golding’s account renamed to "massive fucking chav." Fransen’s personal website was also defaced with unauthorized modifications. Attackers exfiltrated and publicly disseminated personal information belonging to both individuals, including residential addresses. Concurrently, Britain First’s primary YouTube channel was disabled, with all 178 videos rendered inaccessible. Platform enforcement actions contributed to this disruption, as YouTube removed at least one recent video filmed in Birmingham for violating harassment and bullying policies. The remainder of the channel’s content displayed removal notices indicating deletion "by the user," though attribution for these actions remained unclear.

The attack comprehensively disrupted Britain First’s online operations, eliminating their video archive and impairing official communications via Twitter and web platforms. YouTube’s enforcement decision on the Birmingham video demonstrated platform policy alignment with the harassment takedown rationale, while the mass video deletions suggested either compromised account access or deliberate sabotage. No group claimed responsibility for the intrusions, and technical details regarding initial breach vectors, detection methods, or containment procedures were absent from public reporting. Britain First representatives did not provide commentary when contacted by media outlets following the incident. The leak of personally identifiable information escalated potential physical security risks for the leadership beyond digital disruption.