News

Privacy and data protection

• December 24, 2025 24 Dec'25

  Top 10 cyber crime stories of 2025

  In many regards, 2025 proved to be a relatively normal year for the cyber security world as threat actors and security pros continued their long-running cat-and-mouse game, but it was also a stand-out year that saw some of the largest cyber attacks ...

• December 19, 2025 19 Dec'25

  European Commission renews UK data adequacy agreement, ensuring continued free flow of data

  Despite calls from some data protection campaigners, the UK's agreement to allow data movement with European Economic Area countries is extended until 2031

• December 19, 2025 19 Dec'25

  ‘Sensitive’ data stolen in Westminster City Council cyber attack

  London borough confirms that data breach affecting three neighbouring councils in a shared IT services operation led to personal information being copied by a third party

• December 15, 2025 15 Dec'25

  Top IT predictions in APAC in 2026

  Enterprises across the Asia-Pacific region are expected to prioritise sovereign architectures, double down on securing agentic systems and rewrite their infrastructure playbooks, among other tech trends

• December 12, 2025 12 Dec'25

  Trump plans bonfire of US state-level AI regulation

  US president’s executive order targets state-level AI regulatory frameworks across the country, saying they are too onerous and endangering leadership in the field

• December 09, 2025 09 Dec'25

  MPs maul digital ID plans in Parliamentary debate

  MPs brand the government’s digital ID plans ‘un-British’ and ‘an attack on civil liberties’ during debate on the controversial policy

• December 09, 2025 09 Dec'25

  OAIC to launch blitz on privacy compliance

  Australia’s privacy watchdog will begin the new year with a compliance sweep targeting businesses that run afoul of privacy rules, including the over-collection of personal information in-person, warning that non-compliance could trigger fines

• December 08, 2025 08 Dec'25

  NCSC warns of confusion over true nature of AI prompt injection

  Malicious prompt injections to manipulate GenAI large language models are being wrongly compared to classical SQL injection attacks. In reality, prompt injection may be a far worse problem, says the UK’s NCSC

• December 08, 2025 08 Dec'25

  How police live facial recognition subtly reconfigures suspicion

  A growing body of research suggests that the use of live facial recognition is reshaping police perceptions of suspicion in ways that undermine supposed human-in-the-loop protections

• December 04, 2025 04 Dec'25

  Home Office launches police facial recognition consultation

  The Home Office has formally opened a 10-week consultation on a legal framework for police use of facial recognition technologies, and will consider extending any new rules to police deployments of other biometric and inferential technologies

• December 03, 2025 03 Dec'25

  NCSC and BT block a billion dangerous clicks

  A protective service jointly developed by the NCSC and BT has disrupted over a billion potential cyber incidents by stopping members of the public from clicking through to dangerous websites

• December 03, 2025 03 Dec'25

  UK national security strategy failing to account for online world

  The UK government’s national security strategy is falling short on online matters, according to the independent reviewer of terrorism

• December 03, 2025 03 Dec'25

  Post Office avoids £1m fine over botched website upgrade data breach

  The Information Commissioner’s Office considered fining the Post Office £1m for a 2024 data breach that let subpostmasters down again

• December 03, 2025 03 Dec'25

  Women in Cybersecurity Middle East marks five years of impact at Black Hat MEA

  As AI reshapes the regional cyber security landscape, diversity and skills development remain at the heart of building a resilient digital workforce

• December 03, 2025 03 Dec'25

  Black Hat MEA: Saudi Vision 2030 fuels surge in cyber security innovation

  Global cyber firms are racing to support the Kingdom’s mega-projects, but building trusted partnerships remains key, says Exabeam CEO Pete Harteveld

• December 02, 2025 02 Dec'25

  UK prosecution of alleged Chinese spies was ‘shambolic’ says Parliamentary committee

  The Joint Committee on National Security Strategy reports that China was engaged in malicious cyber attacks against UK Parliament and democratic institutions

• December 01, 2025 01 Dec'25

  Mandatory digital ID paves way for surveillance and exclusion, MPs hear

  It is currently unclear how the UK’s government’s proposed mandatory digital ID scheme will help with its stated goal of curbing illegal migration and working

• November 26, 2025 26 Nov'25

  US breach reinforces need to plug third-party security weaknesses

  Cyber breach at US financial sector tech provider highlights the risk of third-party vulnerabilities in finance ecosystems

• November 18, 2025 18 Nov'25

  Fintech leaders call for united front against AI-driven cyber crime

  As AI makes financial scams more personalised and convincing, fintech experts have called for deeper collaboration and the use of behavioural analytics and other technologies to protect consumers

• November 14, 2025 14 Nov'25

  Cl0p claims ransomware hit on NHS

  Ransomware gangsters claim to have attacked the NHS, but clarity on the nature of the incident is yet to emerge

• November 14, 2025 14 Nov'25

  MI5 made multiple applications for phone data to identify BBC journalist’s sources

  MI5 discloses it made and authorised unlawful ‘sequential applications’ for Vincent Kearney’s phone data during his time at the BBC, but will neither confirm nor deny whether it undertook further ‘lawful’ surveillance of BBC journalists

• November 12, 2025 12 Nov'25

  Hungry for data: Inside Europol’s secretive AI programme

  The EU’s law enforcement agency has been quietly amassing data to feed an ambitious but secretive artificial intelligence development programme that could have far-reaching privacy implications for people across the bloc

• November 12, 2025 12 Nov'25

  US cyber intel sharing law set for temporary extension

  The CISA 2015 cyber intelligence sharing law, which lapsed just over a month ago amid a wider shutdown, will receive a temporary lease of life should attempts to reopen the federal government succeed

• November 12, 2025 12 Nov'25

  Synnovis to notify NHS of data breach after nearly 18 months

  Synnovis, the pathology lab services provider hit by a Qilin ransomware attack in 2024, is notifying its NHS partners that their patient data was compromised, following a lengthy investigation

• November 11, 2025 11 Nov'25

  Google: Don’t get distracted by AI, focus on real cyber threats

  While hackers are using artificial intelligence to optimise attacks, many of the most damaging breaches still rely on old-school methods, says a top security analyst from Google

• November 11, 2025 11 Nov'25

  German healthcare aims to replace faxes and phones with secure messaging

  Germany’s digital health agency, Gematik, has turned to open source for secure messaging services that will link patients, doctors and pharmacies

• November 09, 2025 09 Nov'25

  Nikkei data breach exposes personal data of over 17,000 staff

  Hackers used stolen login details from an employee's computer to access the Japanese media giant’s Slack messaging platform, with names, email addresses and chat histories potentially exposed

• November 07, 2025 07 Nov'25

  Popular LLMs dangerously vulnerable to iterative attacks, says Cisco

  Cisco researchers probed some of the most widely used public GenAI LLMs and found many of them were dangerously susceptible to so-called multi-turn cyber attacks producing undesirable outputs

• November 04, 2025 04 Nov'25

  UAE Sovereign Launchpad begins nationwide roll-out with support from e& and AWS

  The cloud infrastructure platform aims to strengthen digital resilience and regulatory compliance across government and regulated sectors in the United Arab Emirates

• November 04, 2025 04 Nov'25

  G42 and Cisco expand strategic partnership to drive AI innovation and infrastructure growth

  The UAE-based tech group and global networking giant will co-develop secure AI infrastructure and cyber security solutions to support high-performance computing and datacentre growth

• November 04, 2025 04 Nov'25

  Fewer data breaches in Australia, but human error now a bigger threat

  Australian privacy commissioner warns that the human factor is a growing threat as notifications caused by staff mistakes rose significantly even as total breaches declined 10% from a record high

• October 31, 2025 31 Oct'25

  European governments opt for open source alternatives to Big Tech encrypted communications

  European governments are rolling out decentralised secure messaging and collaboration services as they seek to reduce their reliance on Big Tech companies

• October 29, 2025 29 Oct'25

  Rapid7: Cyber defences stuck in the 1980s as threats mount

  The company’s chief product officer notes that many defence tactics are still stuck in the past, urging organisations to adopt AI-driven security platforms to improve threat detection and response

• October 29, 2025 29 Oct'25

  Scope of US state-level privacy laws expands rapidly in 2025

  Nine state-level data protection laws have come into force in the US this year, and three more are slated for January 2026. Navigating this complex landscape is becoming a challenge

• October 27, 2025 27 Oct'25

  Hamas lawyer seeks appeal following police’s seizure of his phone at Welsh port

  Police say that solicitors cannot have a ‘cast iron defence’ to protect their electronic devices from ever being searched

• October 23, 2025 23 Oct'25

  Ministry of Justice’s OpenAI deal paves way to sovereign AI

  OpenAI has been busy signing deals with the UK government to bolster UK artificial intelligence. It’s now launching data residency for UK customers

• October 15, 2025 15 Oct'25

  ICO fines Capita £14m after ransomware caused major data breach

  Outsourcing giant hit with £14m fine over 2023 cyber attack, but costs could rise as legal actions continue

• October 13, 2025 13 Oct'25

  Court dismisses Apple’s appeal against Home Office backdoor

  Investigatory Powers Tribunal rules that Apple’s appeal against a Home Office order to access encrypted data of Apple users world wide will no longer proceed.

• October 13, 2025 13 Oct'25

  Thales: Trust in AI for critical systems needs to be engineered

  Confidence in artificial intelligence capabilities that power critical systems must go beyond words and be built on a hybrid model that combines data with physics and logic to prove reliability, according to Thales’s chief scientist

• October 09, 2025 09 Oct'25

  Chat Control encryption plans delayed after EU states fail to agree

  Plans to require technology companies across Europe to monitor the contents of encrypted messages and emails have been delayed after European Union member states were unable to reach agreement following German objections

• October 08, 2025 08 Oct'25

  Teens arrested over Kido nursery hack

  London’s Met Police arrested two teenage boys in Hertfordshire on suspicion of involvement in the recent Kido nursery hack that saw the personal data of infants stolen and leaked

• October 07, 2025 07 Oct'25

  Nato chooses Oracle to secure battlefield communications

  Nato has chosen Oracle and Druid to secure private 5G networks for cyber defence, war gaming and research, using Oracle Cloud and edge technology

• October 06, 2025 06 Oct'25

  Police ordered to give reasons in closed court for seizing phone of UK Hamas lawyer

  London court orders police to disclose reasons for seizing and copying the contents of a phone belonging to a UK lawyer who represented Hamas, but refuses an injunction to prevent police from reviewing the phone until after judicial review

• October 06, 2025 06 Oct'25

  Data sovereignty demand pushes Herabit to get S3 storage

  Italian service provider gets Cubbit DS3 distributed S3 storage to provide up to 2PB of cloud services to customers demanding data sovereignty, while cutting costs by up to 50%

• October 06, 2025 06 Oct'25

  UK government to consult on police live facial recognition use

  The UK’s policing minister has confirmed the government will consult on the use of live facial recognition by law enforcement before expanding its use throughout England, but so far, the technology has been deployed with minimal public debate or ...

• October 02, 2025 02 Oct'25

  PSNI appoints legal counsel to report on police conduct after McCullough surveillance review

  The Police Service of Northern Ireland has commissioned a senior lawyer to report back on whether there was any misconduct by police officers following the McCullough Review into the surveillance of journalists, lawyers and NGOs

• October 01, 2025 01 Oct'25

  Home Office issues new ‘backdoor’ order over Apple encryption

  A second Home Office technical capability notice requires Apple to provide access to encrypted data and messages of British users stored on its iCloud service

• October 01, 2025 01 Oct'25

  EU Chat Control plans pose ‘existential catastrophic risk’ to encryption, says Signal

  As EU member states prepare to vote on plans to mandate tech companies to introduce technology to scan messages before they are encrypted, Signal warns that Chat Control will create new security risks

• September 30, 2025 30 Sep'25

  Cloud provider publishes ‘tech sovereignty’ plan for UK

  In the face of mounting data sovereignty concerns across Europe, UK cloud provider Civo lays out high-level plan for how the government can retain control and access of its data should the geopolitical situation sour

• September 30, 2025 30 Sep'25

  Google unveils AI-powered security to trap ransomware attacks

  The new security capability, available at no extra cost for most Google Workspace users, detects mass file encryption during ransomware attacks, stops the attacks from spreading and allows for restoration of files