'Team Elite' is thought to have exploited a flaw on the counter-intelligence and security agency's website, potentially accessing information about every web user that visited the site. MI5 has since said the flaw has been fixed and visitors to the site are no longer at risk.
While Sophos doesn't believe the hackers will have gained access to classified information, the security firm did urge all website owners to view the attack as a reminder of the security risks faced by all websites.
"Web infection is one of the primary routes by which hackers are trying to infect innocent computer users - and most of these attacks are occurring via legitimate sites, just like MI5's," said Graham Cluley, senior technology consultant at Sophos.
"Website owners should take this as a warning that they are vulnerable to embarrassing hacks if they are not properly protected."
Take part in PC Advisor's Broadband Survey 2009