Security News

UK retail chain The Works shuts down stores after cyberattack
2022-04-06 18:22

UK retail chain The Works announced it was forced to shut down several stores due to till issues caused by a cyber-security incident involving unauthorized access to its computer systems. The Works has since switched to new third-party credit and debit card payment processors to address this last problem, which the company claims are safe.

UK spy agencies sharing bulk personal data with foreign allies was legal, says court
2022-04-06 08:33

A privacy rights org this week lost an appeal [PDF] in a case about the sharing of Bulk Personal Datasets by MI5, MI6, and GCHQ with foreign intelligence agencies. The decision means a contested part of a 2018 ruling by the IPT will stand: that safeguards and rules around data collection between 2015 to 2017 by the state agencies meant that sharing that data was legal - "Compatible with article 8 of the European Convention of Human Rights."

UK charges two teenagers linked to the Lapsus$ hacking group
2022-04-02 14:00

Two teenagers from the UK charged with helping the Lapsus$ extortion gang have been released on bail after appearing in the Highbury Corner Magistrates Court court on Friday morning. According to a statement from Detective Inspector Michael O'Sullivan of the City of London Police, a 16-year-old and a 17-year-old were charged following an international investigation into members of a hacking group.

More charged in UK Lapsus$ investigation
2022-04-01 13:30

British police have charged two teenagers as part of an international investigation into the Lapsus$ cyber extortion gang. "Both teenagers have been charged with: three counts of unauthorised access to a computer with intent to impair the reliability of data; one count of fraud by false representation and one count of unauthorised access to a computer with intent to hinder access to data. The 16-year-old has also been charged with one count of causing a computer to perform a function to secure unauthorised access to a program," he said.

UK spy boss warns China hopes Russia will help it take over tech standards
2022-03-31 04:01

The director of UK intelligence agency Government Communications Headquarters, Sir Jeremy Fleming, has warned that China is trying to introduce "Undemocratic values as the default for vast swathes of future tech and the standards that govern it." China believes Russia will support its digital markets and technology plans.

UK Cyber Security Centre advises review of risk posed by Russian tech
2022-03-30 06:51

The UK's National Cyber Security Centre has advised users of Russian technology products to reassess the risks it presents. In advice that builds on 2017 guidance about technology supply chains that include links to hostile states, NCSC technical director Ian Levy stated that the agency has not found evidence "That the Russian state intends to suborn Russian commercial products and services to cause damage to UK interests."

UK police arrest 7 hacking suspects – have they bust the LAPSUS$ gang?
2022-03-25 19:48

A] large-scale social engineering and extortion campaign against multiple organizations, with some seeing evidence of destructive elements. More recent campaigns have expanded to include organizations globally spanning a variety of sectors.

UK Cops Collar 7 Suspected Lapsus$ Gang Members
2022-03-24 21:23

In a statement given to TechCrunch, the City of London Police said the seven are between 16 and 21: "The City of London Police has been conducting an investigation with its partners into members of a hacking group," according to Detective Inspector Michael O'Sullivan. There could well be more: Another investigator told the outlet that security researchers have identified seven unique accounts associated with Lapsus$, "Indicating that there are likely others involved in the group's operations."

UK Ministry of Defence takes recruitment system offline, confirms data leak
2022-03-24 11:01

The UK Ministry of Defence has suspended online application and support services for the British Army's Capita-run Defence Recruitment System and confirmed to us that digital intruders compromised some data held on would-be soldiers. The extent and method of the attack remains under investigation by the MoD and Capita.

Fresh concerns about 'indefinite' UK government access to doctors' patient data
2022-03-23 09:30

Concerns are being raised over UK government proposals to extend emergency powers introduced during the pandemic, giving it access to patient data held by general practitioners. The government has decided to put in place a plan "Omitting the expiry date contained within" emergency COVID powers and "To make a consequential amendment to the review provision", with the aim of "Establishing and operating information systems to collect and analyse data in connection with COVID-19.".

#UK