Britain's counter-intelligence agency, MI5, was caught off guard when hackers breached its web site by exploiting the vulnerability of a search engine.

Hackers apparently used viruses on computers of people using the MI5 website to find out their identities. However, no information was compromised because the website was not connected to a server and the problem has been fixed, a source said.

The source also said highly classified information, such as the identities of agents and informers in terror groups, including Al Qaeda, were not exposed.

Computerweekly.com quoted Matt Hampton of security firm Imerja that only information on the browser was affected without the connection to the highly-secured server of the agency monitoring security threats in the U.K.

Still, the attack raised concern because the vulnerability was unknown.

The vulnerability should have been known during penetration tests of the site, according to Paul Vlissidis, technical director at the penetration testing division of NCC Group. The U.K. firm tests the security of networks, applications and databases.