Security News
The UK's Labour Party, the official opposition to the country's ruling Conservatives, has suffered a humiliating data breach, according to multiple reports. Information sent to The Register suggests Labour members were sent notice of the issue, which it said had hit "a third party that handles data on our behalf."
More than half of data protection fines issued by the Information Commissioner's Office over the last two years, totalling more than £5m, have not been paid. The SMS Works pointed out that fines to home improvements companies appear to be least likely to be paid, with £1.6m in fines issued to these firms resulting in just £280,000 being repaid to date.
Britain's new Information Commissioner has called for video conferencing companies to enable end-to-end encryption on their products - even as police managers and politicians condemn the technology and demand its removal. This week the ICO urged tech companies to make end-to-end encryption "Available to all users" regardless if they're "Enterprise, consumer, paid or free" in a statement jointly backed by seven countries' data protection regulators - even including China.
Internet telephone service provider Voipfone, currently battling a "Major outage" across all voice services, has admitted to being hit by an "Extortion-based DDoS attack from overseas criminals" that knocked it offline last week. It seems that the evil-doers took the weekend off and attacked Voipfone again yesterday, according to Register reader Richard.
The UK's Competition and Markets Authority has unveiled compliance principles to curb locally some of the sharper auto-renewal practices of antivirus software firms. The CMA took exception to auto-renewal contracts for antivirus software that customers in the UK signed up for and found difficult to cancel.
A new national cyber strategy will be launched by year-end, the National Cyber Security Centre's chief exec has promised - while calling out spyware vendor NSO Group as a "Red flag" for the UK infosec community. Lindy Cameron told the Chatham House international affairs think tank that NSO Group was "Something we raised a red flag about before, that the commercial market for sophisticated cyber exploitation products is an issue."
Britain's National Cyber Force will be based in Lancashire, the government has said - though despite obvious clues neither the Ministry of Defence nor BAE Systems will confirm the force's planned new location. The Ministry of Defence also refused to say, citing spurious "Operational security" grounds.
The United Kingdom has revealed plans to invest £5 billion in bolstering national cybersecurity that includes creating a "Cyber Force" unit to perform retaliatory attacks. As the UK's Secretary of State for Defense Ben Wallace points out in an interview with The Telegraph, Britain isn't just looking to strengthen its stance against threats, but also to build up its capacity to launch retaliatory assaults.
The Ministry of Defence has published a data strategy that calls on the British armed forces to make better use of its "Enduring strategic asset" - by spying on social media and dobbing in dissenters to local councils. In a move bound to fuel tinfoil hat-wearing conspiracy theorists, the MoD's Data Strategy for Defence document [PDF] published this week says the military ought to be carrying out "Automated scanning of social media platforms" to detect "Change in population sentiment."
Giant Group, the umbrella company that has thousands of contractors on its books, has been targeted by a "Sophisticated" cyber-attack that floored systems and left workers out in the cold, the biz has now confirmed. The attack happened last Wednesday and forced the outfit - known to many as Giant Pay - to shut down its whole network, including its phone and email systems, as well as its IT infrastructure.