News

Privacy and data protection

• April 28, 2026 28 Apr'26

  UK data watchdog accused of dragging feet on eVisa investigation

  Despite longstanding data protection issues with the Home Office’s electronic visa system being flagged five months ago, the UK’s data regulator is yet to take any action

• April 28, 2026 28 Apr'26

  Lloyds Bank compensates another 1,625 customers after ‘alarming’ data breach

  Bank pays out compensation to more customers and reveals expansion of affected group

• April 26, 2026 26 Apr'26

  Black Hat Asia: Privacy and cyber security are inseparable

  The separation of privacy and security is no longer tenable in a world where exposed personal data is increasingly the entry point for major cyber incidents, delegates at Black Hat Asia 2026 were told

• April 24, 2026 24 Apr'26

  BT has now blocked over a billion clicks to malicious websites, says NCSC

  NCSC’s Share and Defend scheme has seen BT block over a billion clicks through to malicious websites

• April 23, 2026 23 Apr'26

  Medical data of half a million Britons on sale in China after Biobank breach

  Biobank operator is taking steps to improve security after biological, health and lifestyle information from its database was offered for sale on a Chinese website

• April 23, 2026 23 Apr'26

  Using AI to manage insider risk amid Middle East conflict

  As geopolitical tensions reshape the cyber threat landscape across the region, organisations are turning to artificial intelligence-driven behaviour analytics, investigative automation and monitoring of AI agents to detect insider risk faster and ...

• April 22, 2026 22 Apr'26

  UK to build ‘national cyber shield’ to protect against AI cyber threats

  Security minister Dan Jarvis calls for artificial intelligence companies to work with government to develop AI-driven cyber defences

• April 22, 2026 22 Apr'26

  A tsunami of flaws: When frontier AI and Patch Tuesday collide

  Microsoft’s April Patch Tuesday drop was the second-largest in history, falling just shy of an October 2025 record. What is behind the spike in vulnerability disclosures, and is there a connection to Anthropic’s bug-hunting Claude Mythos AI model?

• April 22, 2026 22 Apr'26

  Three-quarters of UK IT leaders without strong AI governance plans

  Almost one in nine British IT leaders say their organisations use agentic AI, but with few putting in place strong governance plans, according to a Red Hat survey

• April 17, 2026 17 Apr'26

  North Korean social engineering campaign targets MacOS users

  A MacOS-focused social engineering campaign orchestrated by North Korea-based threat actor Sapphire Sleet has been exposed by Microsoft’s Threat Intelligence Unit

• April 16, 2026 16 Apr'26

  CyberUK 2026: UK lagging on legal protections for cyber pros

  Ahead of next week’s CyberUK conference, the CyberUp Campaign for reform of the UK’s hacking laws urges the government to keep focus and proposes a four-pillar framework that would protect cyber professionals from prosecution

• April 15, 2026 15 Apr'26

  UK businesses must face up to AI threat, says government

  Technology secretary Liz Kendall urges Britain’s business community to sit up and pay attention to emerging AI threats, following the debut of Anthropic’s new frontier model, Mythos

• April 15, 2026 15 Apr'26

  Danske Bank upgrade error exposed 20,000 customer addresses

  Danish bank revealed details of a customer data leak last year which affected thousands of customers

• April 13, 2026 13 Apr'26

  UK reliance on US big tech companies is ‘national security risk’, claims report

  UK government urged to follow European countries by backing technology based on open standards

• April 09, 2026 09 Apr'26

  Singapore Cyber Security Agency chief: Cyber stability a necessity, not a luxury

  With state-linked attacks rising and international rules unravelling, Singapore’s cyber security commissioner calls for global cooperation to prevent catastrophic conflict in cyber space

• April 08, 2026 08 Apr'26

  Capita’s troubled Civil Service Pension Scheme hit by data breach

  A data breach affecting 138 members of the Civil Service Pension Scheme piles pressure on the service’s administrator, Capita, amid ongoing issues

• April 07, 2026 07 Apr'26

  Russian cyber spies targeting consumer, Soho routers

  The UK’s NCSC and Microsoft have shared details of an ongoing cyber espionage campaign targeting vulnerable network routers, orchestrated by Russian state actor Fancy Bear

• April 02, 2026 02 Apr'26

  How ‘Wikipedia of cyber’ helps SAP make sense of threat data

  SAP runs enormous cloud environments for some of the world’s most heavily-regulated organisations, and in the hyperscale era, data security and compliance were becoming big challenges. It turned to cutting-edge agentic tools from Uptycs to cut ...

• March 31, 2026 31 Mar'26

  High Court dismisses judicial review against eVisa system

  The High Court rules that the Home Office is acting lawfully in refusing to issue alterative proof of immigration status outside of its electronic visa system, but both the judge and the department accepts that those affected by data quality and ...

• March 31, 2026 31 Mar'26

  Shrinking PQC timeline highlights immediate risk to data security

  Google’s decision to move up its timeline for migration to post-quantum cryptography highlights that some of the cyber security risks posed by quantum computing are already reality

• March 27, 2026 27 Mar'26

  UK government lacks ambition to fight tax fraud, says PAC

  The Public Accounts Committee says the UK government has dropped the ball on the use of data analytics to tackle tax fraud and error, as the public purse haemorrhages billions of pounds

• March 27, 2026 27 Mar'26

  EU Parliament rejects Chat Control message scanning

  MEPs vote down proposals to allow US tech companies to continue scanning private messages for illegal content

• March 24, 2026 24 Mar'26

  Cyber pros must grasp the vibe coding nettle, says NCSC chief

  At RSA in San Francisco, NCSC chief exec Richard Horne says security professionals have an opportunity and a responsibility to get in front of the security issues raised by the popularity of ‘vibe coding’

• March 24, 2026 24 Mar'26

  US government bans imported routers, raising tough questions

  The US communications regulator has enacted a ban on all router hardware made outside America citing security concerns, but experts say the move may risk creating more issues than it solves

• March 20, 2026 20 Mar'26

  UK Cyber Monitoring Centre plans expansion in US amid risk of Category 5 attack

  Organisations lulled into a false sense of security after Russian invasion of Ukraine are still at risk of a Category 5 attack in 2026

• March 19, 2026 19 Mar'26

  Questions raised about Instagram memorialisation in Noah Donohoe inquest

  Court hears that a mother was frozen out of her son’s social media a day after he tragically died, potentially depriving a coroner investigating the case of a ‘huge’ amount of information

• March 19, 2026 19 Mar'26

  Apple issues first Background patch for WebKit browser flaw

  Apple’s first ever Background Security Update fixes a WebKit browser engine bug that could enable threat actors to see and steal important data from their victims

• March 18, 2026 18 Mar'26

  US lawmakers quiz Meta over ‘dangerous’ facial recognition plans for smart glasses

  Democratic senators warn that Meta’s plans to introduce facial recognition technology into smart glasses could lead to normalisation of mass surveillance and breach citizens’ rights

• March 17, 2026 17 Mar'26

  Digital IDs edge closer to practical reality for UK businesses

  Industries and policymakers are strongly aligned on the need for digital company IDs for UK businesses, as progress is made towards the implementation of a practical standard

• March 17, 2026 17 Mar'26

  Health workers call for Palantir to be booted from NHS contracts

  Health justice charity Medact warns that Palantir’s involvement in NHS data systems is a threat to patients and healthcare organisations

• March 17, 2026 17 Mar'26

  Interview: D360 Bank redefines cyber security for Saudi Arabia’s cashless future

  Muath Alhomoud, director of cyber security at D360 Bank, discusses payment security, cloud resilience and the responsible use of AI in a hyper-connected financial ecosystem

• March 16, 2026 16 Mar'26

  Companies House restarts online services following cyber breach

  Companies House was forced to pull its WebFiling service offline at the weekend after it emerged that a flawed update was putting data at risk of exposure

• March 16, 2026 16 Mar'26

  Revealed: How HMRC has been quietly building surveillance capabilities

  HMRC has bought phone scanning equipment and analysis software capable of extracting data from mobile devices as it steps up its electronic intelligence gathering capabilities, an investigation by Computer Weekly reveals

• March 11, 2026 11 Mar'26

  Iran war a melting pot for other cyber threats

  State-backed cyber threat actors from non-combatant states are taking advantage of the Israeli-US war on Iran to fulfil their own goals, according to Proofpoint analysts

• March 11, 2026 11 Mar'26

  Salesforce tracks possible ShinyHunters campaign targeting its users

  Salesforce warns users of an uptick in malicious activity targeting Experience Cloud customers with misconfigured user settings via an open source tool

• March 11, 2026 11 Mar'26

  Child rapist could have profiled victims through unaudited access to NHS databases

  NHS analyst’s conviction for child sexual abuse offences raises concerns over unaudited access to patient data

• March 10, 2026 10 Mar'26

  WA auditor general flags weak Microsoft 365 security controls across state entities

  Western Australia’s Office of the Auditor General has uncovered weaknesses in M365 configurations across seven government agencies, leading to compromised accounts and data breaches

• March 09, 2026 09 Mar'26

  UK to launch cyber fraud squad in April

  The UK’s Online Crime Centre, launching next month, will bring together government, police, intelligence agencies, banks, mobile networks and tech firms to take coordinated action against cyber fraud

• March 09, 2026 09 Mar'26

  Trump looks to power up post-quantum, AI security

  The US has unveiled a six-pillar national cyber security strategy, with developing technological areas such as post-quantum cryptography and artificial intelligence front and centre

• March 06, 2026 06 Mar'26

  Scattered Spider attack on TfL affected 10 million people

  The 2024 Scattered Spider attack on Transport for London affected approximately 10 million people, many of whom remain blissfully unaware their data was compromised

• March 05, 2026 05 Mar'26

  Government wants to build digital ID system in-house

  The Home Affairs Committee hearing on digital ID reveals consultation is due next week; there will be no central database; and while government wants to build the system in-house, it will not replace private digital ID providers

• March 05, 2026 05 Mar'26

  Police do not have to explain to lawyer Fahad Ansari why they seized his phone data, says court

  A high court judge has ruled that police do not have to give reasons to lawyer, who acts for Hamas, why they seized his mobile phone data

• March 04, 2026 04 Mar'26

  Iranian hacktivists muster their forces but state APTs lay low

  Hacktivist activity surrounding the Iran war is sky-high but Iran’s state-backed cyber espionage actors have yet to show their hands, giving security teams a valuable window of time to shore up their defences

• March 04, 2026 04 Mar'26

  Zero-day in Android phone chips under active attack

  Google and Qualcomm have tag-teamed a serious vulnerability in the chipsets used in Android mobile devices, which has been exploited in the wild as a zero-day

• March 04, 2026 04 Mar'26

  Tycoon2FA phishing platform dismantled in major operation

  A Europol-led sting against the infamous Tycoon2FA MFA bypass phishing service has been successful, with operations disrupted and ringleaders and cyber criminal users identified

• March 04, 2026 04 Mar'26

  Landmark legal challenge against Home Office eVisa system heard

  The UK High Court will examine whether the Home Office policy of refusing to issue alternative proof of immigration status outside of its electronic visa system is lawful

• February 25, 2026 25 Feb'26

  The UK’s proposed social media ban explained

  The UK government will use new legal powers to lay the groundwork for an under-16 social media ban after its consultation on children’s digital well-being, but opponents warn the measures being considered will only treat the symptoms of the problem ...

• February 25, 2026 25 Feb'26

  Police created ‘intelligence profile’ of BBC journalist subject to phone surveillance

  Police and MI5 conducted seven unlawful operations to obtain phone data relating to former BBC journalist Vincent Kearney, the Investigatory Powers Tribunal heard today

• February 23, 2026 23 Feb'26

  Innovate UK cyber startup programme gets £10m funding booster

  Graduates of DSIT and Innovate UK's CyberASAP scheme to commercialise cutting-edge cyber research projects have raised nearly £50m in the past decade

• February 23, 2026 23 Feb'26

  Why crypto agility is key to quantum readiness

  With quantum computing threatening current encryption standards, experts call for organisations to achieve crypto agility by managing the lifecycle of certificates and cryptographic keys through automation