Security News > 2023 > April > Criminal records office yanks web portal offline amid 'cyber security incident'
ACRO, the UK's criminal records office, is combing over a "Cyber security incident" that forced it to pull its customer portal offline.
In an email to users this week - seen by El Reg - ACRO confirmed it has "Recently been made aware of a cyber security incident affecting the website between 17th January 2023 and 21 March 2023.".
"As soon as ACRO was made aware of this incident, we took robust action to take the customer portal offline so that we could fully investigate," the message continued.
"We take data security very seriously and will ensure that the matter is fully investigated; part of the investigation will include learning how we can identify, prevent and block any future security threats," ACRO said in its email.
We're not sure ACRO should be handing out security advice right now but in any case, it urged users to make sure they use "Strong and unique passwords" for their online accounts and keep an eye out for suspicious activity, "For example potential phishing emails."
NCSC told us: "We are aware of an incident affecting ACRO Criminal Records Office and are working with them to fully understand the impact." The ICO said it is also aware of the incident and "Making enquiries." .
News URL
https://go.theregister.com/feed/www.theregister.com/2023/04/06/acro_security_incident/
Related news
- One-Third of UK Teachers Lack Cybersecurity Training, While 34% Experience Security Incidents (source)
- A closer look at the 2023-2030 Australian Cyber Security Strategy (source)
- The ROI of Security Investments: How Cybersecurity Leaders Prove It (source)
- AI’s impact on the future of web application security (source)
- Here's what happens if you don't layer network security – or remove unused web shells (source)