Data breach incident management and recovery
-
News
29 Apr 2025
Scattered Spider on the hook for M&S cyber attack
The infamous Scattered Spider hacking collective may have been behind the ongoing cyber attack on Marks and Spencer that has crippled systems at the retailer and left its ecommerce operation in disarray. Continue Reading
-
News
29 Apr 2025
Kaspersky calls for cyber immunity amid growing cyber threats
The rise of professional cyber crime groups and state-sponsored actors targeting critical infrastructure requires a move towards inherently secure ‘cyber immune’ systems, says Kaspersky CEO Eugene Kaspersky Continue Reading
-
News
26 Jan 2021
Conservatives broke data law to racially profile millions
The Conservative Party acted illegally in collecting data that inferred voters’ ethnicity and religious background, a Select Committee has heard Continue Reading
-
News
26 Jan 2021
North Korean state attacks legitimate security researchers
Threat researchers specialising in vulnerability research and development appear to be being targeted by a North Korean state-backed group Continue Reading
-
News
26 Jan 2021
ICO extends commissioner Denham’s term of office
Extension of Elizabeth Denham’s tenure as information commissioner will give the government more time to appoint her successor Continue Reading
-
News
22 Jan 2021
Sepa data leaks as agency resists ransom demands
The Scottish Environment Protection Agency is resisting extortion demands from a ransomware gang, but has suffered a data leak in retaliation Continue Reading
-
News
21 Jan 2021
Hackney Council tenders for cyber security upgrade
Suppliers are being invited to tender for enhanced cyber security capabilities at ransomware victim Hackney Council Continue Reading
-
News
21 Jan 2021
Gamarue malware found on government-issued school laptops
Devices handed out by the government to support vulnerable children contain malware that appears to be contacting C2 infrastructure in Russia Continue Reading
-
Feature
21 Jan 2021
How can healthcare organisations fight increased cyber crime in 2021?
As the Covid-19 pandemic enters what may be its most dangerous phase, we explore how healthcare organisations can ward off cyber threats while preserving their ability to deliver critical care Continue Reading
-
News
21 Jan 2021
Incompetent cyber criminals leak data in opsec failure
Even cyber criminals need to pay attention to their information security posture, as this cautionary tale uncovered by Check Point reveals Continue Reading
-
News
20 Jan 2021
Should I be worried about MFA-bypassing pass-the-cookie attacks?
Malicious actors bypassed multi-factor authentication using so-called pass-the-cookie attacks, but how worrying is this and what is the risk to organisations? Continue Reading
-
News
19 Jan 2021
Questions raised by New Zealand central bank boss, following cyber attack investigation
The governor of New Zealand’s central bank said the organisation must answer questions about its security following a ‘significant’ attack Continue Reading
-
News
19 Jan 2021
Value of GDPR fines shows dramatic increase in 2020
European regulators imposed almost €160m worth of fines during the past 12 months, a substantial rise Continue Reading
-
E-Zine
19 Jan 2021
The UK’s struggle with digital schooling
In this week’s Computer Weekly, the UK government’s sudden decision to close schools left many unable to provide children with online schooling - we examine the home learning challenges. Cyber security experts give us their forecasts for 2021. And we find out how technology supports the work of the Guide Dogs charity. Read the issue now. Continue Reading
-
News
19 Jan 2021
Criminals fiddled stolen Covid-19 vaccine data to damage trust
Malicious actors manipulated stolen Covid-19 data in a way clearly intended to damage public trust in vaccines, says the EMA Continue Reading
-
News
19 Jan 2021
MAS offers guidance on mitigating supply chain threats
Monetary Authority of Singapore revises its technology risk management guidelines to help the financial sector guard against supply chain attacks Continue Reading
-
News
18 Jan 2021
Australians lost A$176m to scams in 2020
Investment scams topped the list of scams, which grew by 23.1% in 2020 as criminals exploited human psychology using social engineering Continue Reading
-
News
15 Jan 2021
US cyber security agencies get $9bn in Biden plan
New funding proposals come as US government reels from the impact of the December 2020 SolarWinds attack Continue Reading
-
News
14 Jan 2021
Old, on-premise systems targeted in Hackney ransomware attack
Council reveals some more insight into how the Pysa ransomware gang infiltrated its systems by exploiting legacy technology Continue Reading
-
News
14 Jan 2021
Unforeseen consequences of new technologies put UK at risk
Lords committee told that the risks associated with various emerging digital technologies must be assessed together, with input from UK citizens, if the government is to avoid ‘siloisation’ of fundamentally interconnected problems Continue Reading
-
News
14 Jan 2021
APAC firms grapple with cyber security amid pandemic
Some aspects of cyber security have taken a backseat as companies across the Asia-Pacific region rush to shore up their infrastructure to cope with the demands of remote work Continue Reading
-
News
13 Jan 2021
World’s largest dark web market disrupted in major police operation
Coordinated international operation including Europol and the UK’s National Crime Agency has successfully taken DarkMarket offline Continue Reading
-
News
13 Jan 2021
Stolen Pfizer/BioNTech Covid-19 vaccine data leaked
Data dump understood to include screenshots of emails, peer review information, PDFs and PowerPoint presentations Continue Reading
-
News
12 Jan 2021
Mimecast latest security firm to be compromised
Users of a specific Mimecast certificate used to authenticate services to Microsoft Office 365 may be at risk of compromise in an attack that may relate to the ongoing SolarWinds incident Continue Reading
-
News
12 Jan 2021
Parler collapse opens door to phishing attacks
The shutdown of controversial social media site Parler, and the publication of huge amounts of user data scraped by ethical hackers, is giving cyber crime experts cause for concern Continue Reading
-
News
11 Jan 2021
Kaspersky claims link between Solorigate and Kazuar backdoors
Researchers say they have found specific code similarities between the Solorigate/Sunburst malware and the Kazuar backdoor, suggesting some relationship Continue Reading
-
News
11 Jan 2021
New Zealand central bank IT system breached in cyber attack
Bank is responding to a cyber attack after hackers breached the system of a third-party supplier Continue Reading
-
Feature
08 Jan 2021
The nation state threat to business
The SolarWinds hack shows the widespread damage possible from a nation state cyber attack. What is the threat to business and how can it be mitigated? Continue Reading
-
News
08 Jan 2021
Which? online banking investigation reveals ‘worrying gaps’ in security
Consumer rights organisation has ranked the security of UK online current account providers Continue Reading
-
News
07 Jan 2021
Hackney Council data leaked by Pysa ransomware gang
Council data stolen in October is leaked online in a double extortion attack Continue Reading
-
News
06 Jan 2021
SolarWinds attack almost certainly work of Russian spooks
Investigations into the far-reaching SolarWinds Solorigate attack did not let up during the holidays Continue Reading
-
News
05 Jan 2021
Scammers impersonating the ACSC on the prowl
The Australian Cyber Security Centre warns of scammers who are using its name to gain control of personal computers and trick users into revealing personal information Continue Reading
-
Opinion
05 Jan 2021
Security Think Tank: Cyber effectiveness, efficiency key in 2021
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading
-
News
31 Dec 2020
Top 10 investigations and national security stories of 2020
Here are Computer Weekly’s top 10 investigations and national security stories of 2020 Continue Reading
-
Feature
24 Dec 2020
Security Long Reads: Cyber insiders reveal what’s to come in 2021
In this long read, we gather together the thoughts of cyber security insiders from across the industry to get their take on what will happen in 2021 Continue Reading
-
News
24 Dec 2020
Top 10 cyber crime stories of 2020
Here are Computer Weekly’s top 10 cyber crime stories of 2020 Continue Reading
-
News
23 Dec 2020
Top 10 cyber security stories of 2020
Here are Computer Weekly’s 10 top cyber security stories of 2020 Continue Reading
-
News
22 Dec 2020
Ministry of Justice in the dock for catalogue of serious data breaches
Annual report reveals major incidents of personal data loss affecting 121,355 people and including misplaced, unencrypted USB stick containing documents from a trial, accidental disclosure of identities, and staff files made visible to unauthenticated users Continue Reading
-
News
18 Dec 2020
Finnish government tables laws to protect data from cyber criminals
Government is strengthening its legal framework to protect data from hackers in the wake of a massive breach at a psychotherapy centre Continue Reading
-
News
18 Dec 2020
Utility supplier People’s Energy has entire customer list stolen
All 270,000 customers of People’s Energy, a renewable energy startup, have had their details compromised in a major data breach incident Continue Reading
-
News
18 Dec 2020
SolarWinds cyber attack is ‘grave risk’ to global security
More victims of the SolarWinds Orion Sunburst cyber attack are being identified as the massive scale of the Russia-linked cyber espionage campaign becomes more clear Continue Reading
-
News
17 Dec 2020
EU security strategy a ‘step up’ on cyber leadership, says Brussels
The EU’s new cyber security strategy forms a key component of Shaping Europe’s Digital Future, the Recovery Plan for Europe, and the EU Security Union Strategy Continue Reading
-
News
17 Dec 2020
FireEye and partners release SolarWinds kill-switch
A so-called kill-switch for the dangerous SolarWinds Sunburst attack should allay some user fears, but is not a full fix for the issue Continue Reading
-
News
15 Dec 2020
SolarWinds cyber attack: How worried should I be, and what do I do now?
Security teams across the world are on high alert as more details emerge of the widespread SolarWinds ‘Sunburst’ attack. What do defenders need to do next? Continue Reading
-
News
15 Dec 2020
Cyber crime victims in the Netherlands not reporting offences
Dutch victims of online crime rarely report it to the police and when they do, they are often dissatisfied Continue Reading
-
News
14 Dec 2020
FireEye identifies flaw in networking monitoring software as US agencies attacked
Cyber security company says investigations have revealed security breach occurred because of a flaw in a network monitoring software Continue Reading
-
News
11 Dec 2020
The week in ransomware: Foxconn and Randstad are high-profile victims
Foxconn and Randstad are laid low by cyber criminals, while Sophos spills on Egregor, and prognosticators turn to their crystal balls to divine how ransomware will develop in the next 12 months Continue Reading
-
News
11 Dec 2020
Disputed PostgreSQL bug exploited in cryptomining botnet
PGMiner cryptomining botnet remained unnoticed by exploiting a disputed CVE in PostgreSQL Continue Reading
-
News
11 Dec 2020
Surge in Covid-19 vaccine phishing scams reported
Check Point and KnowBe4 share details of a growing number of phishing campaigns using the prospect of a Covid-19 vaccine as a lure Continue Reading
-
Opinion
11 Dec 2020
Security Think Tank: Integration between SIEM/SOAR is critical
SIEM and SOAR share much in common but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice? Continue Reading
-
News
10 Dec 2020
After critical year, Vodafone trains security sights on CNI market
Vodafone’s security head Steve Knibbs explains how he plans to bring the lessons of a transformative few years in cyber security to bear on new markets Continue Reading
-
News
10 Dec 2020
Data on Pfizer/BioNTech Covid-19 vaccine stolen in cyber attack
The European Medicines Agency has launched a full investigation into an apparent security incident that has seen documents on the Pfizer/BioNTech Covid-19 vaccine stolen Continue Reading
-
News
09 Dec 2020
FireEye’s ethical hacking tools stolen in state-backed attack
Hacking tools used to conduct red team penetration testing were stolen in the state-backed attack on security firm FireEye Continue Reading
-
News
07 Dec 2020
HMRC referred 11 data security incidents to ICO in 2019-20
HM Revenue & Customs shares details of a number of data security incidents that occurred during the 2019-20 financial year in its annual report Continue Reading
-
News
07 Dec 2020
A trillion dollars lost to cyber crime every year
Data collated by McAfee and the Centre for Strategic and International Studies highlights the growing impact of cyber crime Continue Reading
-
News
03 Dec 2020
Covid-19 vaccine supply chain attacked by unknown nation state
An unknown nation state actor is attempting to disrupt the supply of coronavirus vaccines Continue Reading
-
News
02 Dec 2020
Double extortion ransomware will be a big theme in 2021
Defenders will see heightened levels of cyber crime next year as criminals pivot their attacks from data encryption to exfiltration Continue Reading
-
News
01 Dec 2020
DHL, Amazon and FedEx are most phished delivery services
DHL has emerged as the most imitated delivery brand in Europe, accounting for 77% of the total volume of phishing emails received in November 2020 Continue Reading
-
Feature
27 Nov 2020
This Christmas, Covid-19 heightens retail security risks for everyone
Do you think it’s only retailers and consumers who need to consider cyber security when shopping online during the holidays? You’re dead wrong. This year, the Covid-19 pandemic and the shift to remote working has thrown a spanner in the works Continue Reading
-
News
25 Nov 2020
Three cyber criminals arrested in Nigerian BEC investigation
Prolific cyber criminal gang is thought to have compromised up to half a million victims since 2017 Continue Reading
-
Tip
25 Nov 2020
8 benefits of a security operations center
A security operations center can help lessen the fallout of a data breach, but its business benefits go much further than that. Here are eight SOC benefits to consider. Continue Reading
-
News
23 Nov 2020
Manchester United praised for swift response to cyber attack
Manchester United’s systems were attacked last week, and the club has been praised for a swift and decisive response Continue Reading
-
News
20 Nov 2020
Security pros fear prosecution under outdated UK laws
CyberUp, a group of campaigners who want to reform the Computer Misuse Act, finds 80% of security professionals are concerned that they may be prosecuted just for doing their jobs Continue Reading
-
E-Zine
19 Nov 2020
CW APAC: Expert advice on zero-trust security
Zero trust is a security model that eliminates the traditional perimeter and assumes that no user or device can be trusted until proven otherwise. In this handbook, Computer Weekly looks at how enterprises can take a zero-trust approach to securing their network, devices and workforce. Continue Reading
-
News
19 Nov 2020
Covid-19 shift to remote working adds to Earth’s growing e-waste problem
The shift to remote working has forced firms to purchase new IT equipment, but many are still lacking sustainable end-of-life processes for their devices Continue Reading
-
News
19 Nov 2020
Security sector broadly backs Boris Johnson’s Cyber Force
Security community says the presence of a robust cyber defence force alongside a robust physical one will be vital to the UK’s national security Continue Reading
-
News
18 Nov 2020
2021 the year of commodity ransomware, says Sophos
Sophos researchers anticipate a trickle-down effect in the cyber criminal underground Continue Reading
-
News
17 Nov 2020
Kaspersky shuts down data-processing activities in Russia
Cyber security provider’s data storage and processing activities for customers in Europe, the US and Canada, have now been fully relocated to Switzerland Continue Reading
-
News
17 Nov 2020
Ransomware stats overload risks confusing buyers
UK-based organisations are either more, or less, likely to pay ransoms, depending on which cyber security supplier you want to believe Continue Reading
-
News
17 Nov 2020
Financial services data volumes heighten risk of insider breach
Financial services organisations hold so much data that it is becoming virtually impossible to safeguard properly against data breaches caused by malicious or careless employees Continue Reading
-
E-Zine
17 Nov 2020
How Mastercard is taking digital payments into a new era
In this week’s Computer Weekly, we talk to Mastercard about how the credit card giant is using new technologies to take digital payments into a new era. After months of unprecedented uncertainty, we ask CIOs how they are planning for the next 12 months. And we examine how the growth in remote working will affect IT salaries. Read the issue now. Continue Reading
-
News
16 Nov 2020
How Standard Chartered approaches cyber security
Bank uses security-by-design principles and conducts red-teaming exercises among other measures to fend off cyber breaches Continue Reading
-
News
16 Nov 2020
Resident Evil studio Capcom confirms scale of Ragnar Locker breach
Videogame studio says the data of up to 350,000 people was likely to have been compromised in a Ragnar Locker ransomware attack Continue Reading
-
News
16 Nov 2020
Human error blamed in Welsh Covid-19 patient data leak
Public Health Wales accepts recommendations of independent probe into data breach that saw PII on 18,105 coronavirus patients leaked Continue Reading
-
News
16 Nov 2020
Hackney systems could be unavailable for months, says council
A month after a highly disruptive cyber attack on its systems, Hackney Council is still struggling to get back up and running Continue Reading
-
News
13 Nov 2020
Ticketmaster fined £1.25m by ICO for failing to protect customer data
Ticket website’s customer data was exposed through an attack on a third-party chatbot Continue Reading
-
News
12 Nov 2020
Online kids’ game Animal Jam confirms large breach
Cyber criminals have stolen data on 46 million Animal Jam player accounts via a third-party attack Continue Reading
-
News
10 Nov 2020
Leaky AWS S3 bucket once again at centre of data breach
Prestige Software exposed millions of records after failing to pay attention to the security of its cloud instances Continue Reading
-
News
10 Nov 2020
IT Priorities 2020: After Covid-19, security goes back to basics
This year’s transition to remote working highlighted big gaps in the fundamentals of security, as updated TechTarget/Computer Weekly data reveals Continue Reading
-
News
06 Nov 2020
NHS warned over Ryuk spreading through Trickbot replacements
NHS Digital tells healthcare organisations to be mindful of a marked rise in usage of the Bazar and Buer loaders Continue Reading
-
News
04 Nov 2020
India and Japan report stronger concern over cyber threats
Security operations teams in the two Asian giants see the increased volume of cyber threats as their biggest challenge amid the Covid-19 pandemic Continue Reading
-
E-Zine
03 Nov 2020
The UK government’s ‘flawed and misleading’ Covid-19 data
In this week’s Computer Weekly, the coronavirus data relied upon by the UK government is ‘flawed and misleading’ say experts – we examine the implications. Ikea talks about how it turned to the cloud to deal with the impact of the pandemic. And we look at the digital transformation underway at credit card giant Capital One. Read the issue now. Continue Reading
-
News
02 Nov 2020
NHS weathers cyber crime storm during pandemic, says NCSC
The NCSC dealt with over 700 incidents in the 12 months to August 2020, with over 200 specifically related to Covid-19, and the NHS a critical area of focus Continue Reading
-
News
02 Nov 2020
Maze ransomware shuts down with bizarre announcement
The operators of Maze announce they are shutting down, and claim their crime spree was merely intended to demonstrate lax security at their targets Continue Reading
-
News
30 Oct 2020
Accidental heroes: How one scaleup pivoted to cyber
Simeon Quarrie designed his business using virtual reality and interactivity as a tool to tell stories that effect cultural change in enterprise environments – then a cyber criminal emptied his bank account Continue Reading
-
News
30 Oct 2020
ICO slashes Marriott breach fine to £18.4m
Reduced fine reflects both improvements made to hotel group’s cyber security and impact of coronavirus on the travel and hospitality sector Continue Reading
-
News
29 Oct 2020
Surge in Ryuk ransomware attacks has hospitals on alert
Russian cyber criminals are conducting a targeted campaign against hospitals with Ryuk ransomware Continue Reading
-
News
28 Oct 2020
Trump supporters targeted by cryptocurrency scammers
The successful breach of Donald Trump’s official website shows up lax security on his campaign team and is yet another timely warning that nobody is immune to cyber crime Continue Reading
-
News
28 Oct 2020
Finnish therapy centre accused of covering up cyber attack
Private therapy practice Vastaamo faces questions over its security and business practices in the months leading up to one of the biggest data breaches in Finland’s history Continue Reading
-
News
28 Oct 2020
Barracuda eyes Indochina markets
Barracuda is looking to expand its local presence and headcount in fast-growing emerging markets of Vietnam, Cambodia and Laos Continue Reading
-
News
27 Oct 2020
Calls for clarity over Amazon insider breach
Security experts call for more clarity from Amazon over an apparent leak of customer data Continue Reading
-
News
26 Oct 2020
Highly unusual hacking attack directly threatens therapy patients
A hacker has directly contacted therapy patients to say their highly personal therapy notes will be put on the internet unless they pay the ransom Continue Reading
-
News
23 Oct 2020
Cyber attack on Hackney Council is ‘morally repugnant’, says mayor
Mayor of Hackney is ‘incredibly angry’ at the cyber criminals behind the attack, which will continue to disrupt key council services for some time Continue Reading
-
News
21 Oct 2020
Charities warned over ‘Robin Hood’ cyber criminals
Accepting donations from cyber criminal groups could be deemed as profiting from crime, money laundering or handling stolen goods – so don’t do it Continue Reading
-
News
21 Oct 2020
Customer loyalty accounts in danger from cyber criminals
Billions of credential stuffing attacks are harvesting valuable customer data for the dark web economy Continue Reading
-
News
21 Oct 2020
Retailers get access to new security toolkit
The British Retail Consortium has worked with the NCSC to develop a new cyber security toolkit pitched at retailers Continue Reading
-
Opinion
21 Oct 2020
Security Think Tank: Essential tools to mitigate double extortion attacks
The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cyber crime heighten risk for the enterprise, and what steps can we take to safeguard the personal data we hold? Continue Reading
-
News
20 Oct 2020
Hackney Council services to be disrupted ‘for some time’
Inability to make housing benefit payments is likely to sting some tenants as Hackney cyber attack drags on Continue Reading
-
News
20 Oct 2020
Resilient Trickbot down but not yet knocked out
Global, Microsoft-led effort to disrupt the Trickbot botnet has seen some success, but new command and control servers continue to pop up Continue Reading
-
News
20 Oct 2020
BA breach penalty sets new GDPR precedents
The 90% reduction in the fine levied on BA over a 2018 data breach has legal experts talking about the ramifications for the future of data protection Continue Reading
-
News
20 Oct 2020
Six Russians charged over NotPetya and other attacks
Six members of the APT group known as Sandworm have been charged in the US over a series of attacks including the destructive NotPetya incident Continue Reading
-
Opinion
16 Oct 2020
Security Think Tank: Safeguarding PII in the current threat landscape
The threat of identity theft via a data breach is heightened with the rise of attacks where ransomware threat actors both encrypt and ransom, and exfiltrate and leak their victims’ data. How does this evolution in cybercrime heighten risk for the enterprise, and what steps can we take to safeguard the personal data we hold? Continue Reading