Security News

More than two years after England launched a COVID data store, keeping details of National Health Service patients, the country's National Data Guardian remains unsatisfied with who is accessing the data. The COVID-19 data store was launched in March 2020, and would pull together medical and operational data about the spread of the virus across the country.

The NCSC in the UK reports having served 33 million alerts to organizations signed up for its "Early Warning" service. The government agency has dealt with a record number of online scams in 2021, removing more than 2.7 million from the internet.

The United Kingdom's National Cyber Security Centre has announced a new email security check service to help organizations identify vulnerabilities that could allow attackers to spoof emails or lead to email privacy breaches. The government agency, which leads the UK's cyber security mission, says the Email Security Check tool requires no sign-ups or personal details.

The UK government added 63 Russian entities to its sanction list on Wednesday. Among them are Baikal Electronics and MCST, the two most important chip makers in Russia.

For about half a year, work email accounts belonging to over 100 employees of the National Health System in the U.K. were used in several phishing campaigns, some aiming to steal Microsoft logins. Attackers started using legitimate NHS email accounts in October last year after hijacking them and continued to use them in phishing activity through at least April 2022.

Over 42 million people in the UK had financial data compromised. According to a release from international law firm RPC, the financial information belonging to approximately 42.2 million people in the U.K. was surrendered due to a growing number of ransomware attacks.

The Canadian research outfit also said it had identified at least 65 individuals linked with Catalan civil society groups in Spain who were targeted by, or infected with, surveillance software. On Monday, Citizen Lab, a part of at the University of Toronto's Munk School, said it had found likely NSO Group Pegasus spyware infections on devices associated with UK Prime Minister Boris Johnson's office, 10 Downing Street, and on devices linked to the FCO, now called the FCDO, or the Foreign Commonwealth and Development office.

UK retail chain The Works announced it was forced to shut down several stores due to till issues caused by a cyber-security incident involving unauthorized access to its computer systems. The Works has since switched to new third-party credit and debit card payment processors to address this last problem, which the company claims are safe.

A privacy rights org this week lost an appeal [PDF] in a case about the sharing of Bulk Personal Datasets by MI5, MI6, and GCHQ with foreign intelligence agencies. The decision means a contested part of a 2018 ruling by the IPT will stand: that safeguards and rules around data collection between 2015 to 2017 by the state agencies meant that sharing that data was legal - "Compatible with article 8 of the European Convention of Human Rights."

Two teenagers from the UK charged with helping the Lapsus$ extortion gang have been released on bail after appearing in the Highbury Corner Magistrates Court court on Friday morning. According to a statement from Detective Inspector Michael O'Sullivan of the City of London Police, a 16-year-old and a 17-year-old were charged following an international investigation into members of a hacking group.