This is the best summary I could come up with:

A cyberattack that began in August 2021 exposed the personal data of people in the United Kingdom who registered to vote between 2014 and 2022.

The Electoral Commission said on X (formerly Twitter) that it waited to report the delay so it could stop the attack and “assess the extent of the incident” as well as harden its systems and get in touch with the National Cyber Security Centre and the UK Information Commissioner’s Office.

Hackers gained access to servers containing copies of voter registration data, the commission’s emails, and its control systems.

But bad actors could compare it to other data to “infer patterns of behavior or to identify and profile individuals.” Fortunately, neither address information for overseas voters nor anonymous registrants was kept by the commission.

The elections watchdog group doesn’t know for sure what files were accessed, according to information from UK Electoral Commission CEO Shaun McNally published at BBC.

Commission chair John Pullinger said the attack was “very sophisticated” but that hackers weren’t able to alter or delete any information.

I’m a bot and I’m open source!