Data breach incident management and recovery
-
News
10 Jul 2025
Four arrested in M&S cyber attack investigation
Police have made four arrests in connection with a trio of cyber attacks on UK retailers Marks & Spencer, Co-op and Harrods Continue Reading
-
News
09 Jul 2025
Qantas details impact of data breach on 5.7 million customers
Australian flag carrier begins notifying millions of individuals after a cyber attack on a call centre, confirming that while financial and passport details are safe, a significant volume of other personal information was compromised Continue Reading
-
News
10 Nov 2023
Ransomware attack on major Chinese lender disrupts financial markets
The financial services arm of one of the world’s largest banks was taken offline by a supposed LockBit ransomware attack, causing problems for US markets Continue Reading
-
Definition
09 Nov 2023
crisis communication
Crisis communication is a strategic approach to corresponding with people and organizations during a disruptive event. Continue Reading
-
News
09 Nov 2023
Revealed: How Russia’s Sandworm ramped up attacks on Ukraine’s critical infrastructure
New Mandiant intelligence reveals how the APT known as Sandworm has been evolving its playbook, twisting legitimate executables known as LoLBins into malicious tools as it seeks to disrupt daily life in Ukraine Continue Reading
-
Opinion
09 Nov 2023
The best IR plans are well-revised and deeply familiar
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
-
News
09 Nov 2023
Suspected ransomware attack hits Scottish council
Systems at Comhairle nan Eilean Siar were downed on 7 November in a suspected ransomware attack Continue Reading
-
Opinion
08 Nov 2023
The plan for the inevitable cyber attack: Get the gist of NIST
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
-
News
08 Nov 2023
Iconic Singapore hotel caught up in major data breach
The Marina Bay Sands resort in Singapore uncovered a data breach of its guest loyalty programme last month Continue Reading
-
News
08 Nov 2023
King’s Speech misses the mark on cyber law reform, says campaign
A group of activists who want to reform the UK’s computer misuse laws to protect bona fide cyber pros from prosecution have been left disappointed by a lack of legislative progress Continue Reading
-
Opinion
07 Nov 2023
Enhancing security: The crucial role of incident response plans
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
-
Opinion
06 Nov 2023
IR plans: The difference between disaster and recovery
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
-
News
06 Nov 2023
Shadow IT use at Okta behind series of damaging breaches
Okta now believes the initial access vector in a series of damaging breaches was one of its own employees who used a corporate device to sign into their personal Google account Continue Reading
-
News
06 Nov 2023
How Trellix’s CISO keeps threat actors at bay
Trellix’s chief information security officer, Harold Rivas, outlines how the company mitigates security threats through containment and by helping security analysts to respond faster to cyber incidents Continue Reading
-
Opinion
03 Nov 2023
Incident response planning requires constant testing
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
-
News
02 Nov 2023
Admins told to take action over F5 Big-IP platform flaws
Two vulnerabilities in the widely used F5 Networks Big-IP platform are now being exploited in the wild Continue Reading
-
News
02 Nov 2023
UK workers exhibit poor security behaviours, report reveals
Report by KnowBe4 has found that four in five UK workers do not make security-conscious choices, whether in-office, remote or hybrid working Continue Reading
-
Opinion
02 Nov 2023
Use existing structures to build your incident response plan
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
-
Opinion
01 Nov 2023
Incident response planning is vulnerable to legacy thinking
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
-
News
31 Oct 2023
British Library falls victim to cyber attack
The British Library is experiencing a major IT outage following a cyber incident of an undisclosed nature Continue Reading
-
News
31 Oct 2023
SEC sues SolarWinds, alleging serious security failures
SolarWinds and its CISO have been charged with fraud and internal control failures by the US authorities amid allegations of a series of cyber security failings leading up to the 2020 Sunburst attacks Continue Reading
-
News
27 Oct 2023
Domestic abuse charities surface fresh worries over NHS data sharing
With new NHS data access options coming into effect at the end of October, a group of campaigners including womens' charities and the BMA have warned that the revived GP-patient data sharing scheme risks putting vulnerable people at risk Continue Reading
-
News
27 Oct 2023
Microsoft warns over growing threat from Octo Tempest gang
The English-speaking Octo Tempest extortion gang – which became an ALPHV/BlackCat affiliate recently – presents one of the most significant and rapidly growing threats to large organisations at this time, says Microsoft Continue Reading
-
News
27 Oct 2023
How Elastic manages cyber security threats
Mandy Andress, CISO at Elastic, highlights the company’s approach to tackling evolving cyber threats through the use of AI tools and enhanced security measures while strengthening the capabilities of its security offerings Continue Reading
-
News
27 Oct 2023
Germany: European Court opinion kicks questions over EncroChat back to national courts
Germany lawfully obtained data on German EncroChat users from France, but whether the evidence is legally admissible is a matter for national courts Continue Reading
-
News
26 Oct 2023
ChatGPT, Bard, lack effective defences against fraudsters, Which? warns
Consumer advocacy Which? warns that popular generative AI tools are vulnerable to loopholes that render existing protections against malicious usage easily bypassed Continue Reading
-
News
26 Oct 2023
Exploitation of Citrix NetScaler vulns reaching dangerous levels
Observed activity exploiting two new Citrix NetScaler vulnerabilities disclosed earlier this month is ramping up, and users may be running out of time to patch lest they be attacked Continue Reading
-
News
25 Oct 2023
UK Finance paints mixed picture of fraud as losses top £500m
UK losses to fraud in the first six months of the year topped £500m, but a slight decline in overall crime rates was observed, according to UK Finance’s latest data Continue Reading
-
News
25 Oct 2023
1Password caught up in Okta support breach
After breaches at BeyondTrust and Cloudflare, 1Password, a third customer of Okta operating in the same space, has revealed that it too was impacted in a breach of the IAM house’s support systems Continue Reading
-
News
24 Oct 2023
Cisco hackers likely taking steps to avoid identification
Cisco confirms that a drop in detections of devices compromised by two zero-days was likely the result of reactive measures taken by the threat actors to avoid discovery Continue Reading
-
News
24 Oct 2023
Research team tricks AI chatbots into writing usable malicious code
Researchers at the University of Sheffield have demonstrated that so-called Text-to-SQL systems can be tricked into writing malicious code for use in cyber attacks Continue Reading
-
News
24 Oct 2023
Kaspersky opens up over spyware campaign targeting its staffers
Kaspersky has shared more details of the TriangleDB spyware that was used against its own workforce by an unknown APT group Continue Reading
-
News
24 Oct 2023
Customers speak out over Okta’s response to latest breach
Customers of identity specialist Okta have been attacked via a compromise of its systems, and are claiming Okta’s response leaves something to be desired Continue Reading
-
News
24 Oct 2023
NetApp ‘unified storage’ adds new ASA block storage at Insight
Las Vegas event sees NetApp continue its evolution to hybrid cloud and data management player announce ASA C-series and Keystone and Kubernetes storage enhancements Continue Reading
-
News
23 Oct 2023
Cisco pushes update to stop exploitation of two IOS XE zero-days
Cisco releases updates to thwart exploitation of two flaws affecting users of its IOS XE software Continue Reading
-
News
23 Oct 2023
How Ensign is leading the charge in cyber security
Lee Fook Sun, chairman of Ensign InfoSecurity, traces the company’s journey and how it is leading the charge in cyber security by doing things differently, investing in R&D and engaging with the wider ecosystem Continue Reading
-
E-Zine
20 Oct 2023
CW APAC: Buyer’s guide to IAM
Identity access management tools are proving pivotal in the race to outwit cyber criminals. In this handbook, focused on IAM in the Asia-Pacific region, Computer Weekly takes a closer look at their capabilities, CyberArk’s growth, the uses of automation and how ForgeRock enhances user experience. Continue Reading
-
News
20 Oct 2023
RagnarLocker cyber gang that pioneered double extortion busted
Europol and the FBI have taken down the RagnarLocker ransomware crew, a long-standing gang that helped pioneer some now common tactics, taking its dark web negotiation and data leak sites offline Continue Reading
-
News
19 Oct 2023
Fears grow over extent of Cisco IOS XE zero-day
Researchers have identified spiking numbers of victims of a recently disclosed Cisco zero-day, as users of the networking supplier’s IOS XE software are urged to take defensive measures Continue Reading
-
News
19 Oct 2023
Sellafield local authority unsure if data was stolen six years on from North Korea ransomware attack
Senior managers at an ‘Achilles heel’ local authority for Europe’s biggest nuclear site ‘still don’t know what was lost’ in a 2017 cyber attack, according to a council source Continue Reading
-
Opinion
19 Oct 2023
DORA: Moving into a new era of digital resilience
The EU’s Digital Operational Resilience Act will come into force in just over a year, the majority of risk management professionals are only at the beginning of their planning journey. Kate Needham-Bennett of Fusion Risk Management explains how to get things moving Continue Reading
-
News
18 Oct 2023
What are the cyber risks from the latest Middle Eastern conflict?
The outbreak of war between Hamas and Israel in October 2023 has seen a wide variety of accompanying cyber attacks from hacktivists and other groups. We look at the risks to organisations Continue Reading
-
News
17 Oct 2023
Five Eyes issues five tips on thwarting nation state threats
Intelligence chiefs from the UK, Australia, Canada, New Zealand and the US have published guidance on building resilience against nation state cyber threats Continue Reading
-
News
10 Oct 2023
MGM faces £100m loss from cyber attack on its casinos
MGM Resorts has provided further details on the fallout of the hack targeting its casinos in early September, confirming that a range of personal information has been stolen and that it will likely cost the firm around $100m Continue Reading
-
News
05 Oct 2023
Ransomware dwell times now measured in hours, says Secureworks
Ransomware payloads are now being deployed and executed within 24 hours in more than 50% of cases, according to Secureworks’ annual report Continue Reading
-
Feature
04 Oct 2023
Ransomware: All the ways you can protect storage and backup
We survey the key methods of ransomware protection, including immutable snapshots, anomaly detection, air-gapping, anomaly detection, and supplier monetary guarantees Continue Reading
-
News
03 Oct 2023
CIISec scores DSIT funding to expand successful CyberEPQ scheme
DSIT has committed to enhanced funding to expand CIISec’s CyberEPQ education programme after recording excellent results to date Continue Reading
-
E-Zine
03 Oct 2023
Where next for quantum computing?
In this week’s Computer Weekly, we talk to the head of Amazon’s Braket quantum computing services about how the technology is progressing. We go behind the scenes at an ethical hacker event to find out how bug bounty programmes work. And we analyse the offerings of the major players in software-defined storage. Read the issue now. Continue Reading
-
Opinion
29 Sep 2023
The trust deficit in CNI: How to address a growing concern
When it comes to addressing the trust deficit in CNI, technological advancements, evolving threats, inadequate regulations, insufficient investment, public awareness, and international cooperation are all critical components that need attention Continue Reading
-
Feature
28 Sep 2023
Automated cloud IR: Empowering cyber with AI-powered playbooks
As cyber threats increasingly target cloud infrastructure, demand for robust and reliable incident response measures is through the roof. Find out why you might want to consider bringing artificial intelligence into play Continue Reading
-
News
27 Sep 2023
Researchers offer free threat briefings on Vegas casino hackers
Permiso, a cloud detection and response startup, is making its threat intel team available to speak on Scattered Spider, the group behind recent cyber attacks on MGM Resorts and Caesars Entertainment Continue Reading
-
News
27 Sep 2023
City of Las Vegas masters cyber incident response with Darktrace
The high-rolling city of Las Vegas experiences unique cyber security challenges rarely seen elsewhere. CIO Mike Sherwood reveals how he turned to Darktrace to help address incidents quicker and with confidence Continue Reading
-
News
26 Sep 2023
Sony alleged victim of new extortion gang
A little-known threat actor claims it has breached IT systems and networks at electronics and entertainment giant Sony, and is threatening to release the organisation’s data unless paid off Continue Reading
-
News
26 Sep 2023
Cover-ups still the norm in the wake of a cyber incident
Almost half of organisations that have experienced a cyber incident did not report it to the appropriate authorities, according to a report Continue Reading
-
News
26 Sep 2023
Crest and IASME to deliver upcoming NCSC Cyber Exercise programme
Crest and IASME have been tasked with assuring that security services providers signing up to a soon-to-launch NCSC Cyber Incident Exercising scheme are up to the job Continue Reading
-
News
21 Sep 2023
‘Top’ ransomware gangs favour smaller businesses
Despite high-profile attacks on prominent organisations, the world’s most prolific ransomware operations tend to target smaller businesses Continue Reading
-
News
20 Sep 2023
Organisations failing to proactively address insider cyber risk
Organisations are spending less than 10% of their annual security budgets on trying to solve one of the costliest problems in cyber: insider risk Continue Reading
-
News
19 Sep 2023
Okta confirms link to cyber attacks on Las Vegas casinos
Okta CISO David Bradbury confirms widespread speculation about the high-profile cyber attacks on two Las Vegas casino operators, revealing that the threat actors responsible had indeed abused its services as they earlier claimed Continue Reading
-
News
19 Sep 2023
38TB Microsoft data leak highlights risks of oversharing
An accidentally disclosed SAS token with excessive privileges enabled researchers to access nearly 40TB of Microsoft’s data, highlighting the risks of privilege mismanagement and oversharing Continue Reading
-
News
18 Sep 2023
Government seeks industry views on cyber threat to UK CNI
The Science, Innovation and Technology Select Committee is seeking evidence from the cyber sector as it launches an inquiry into the resilience of the UK's critical national infrastructure Continue Reading
-
News
15 Sep 2023
Las Vegas mainstay Caesars Palace likely paid off ransomware crew
Caesars Entertainment, owner of the lavish Roman Empire-themed Caesars Palace casino in Las Vegas, has revealed it also suffered a ransomware attack, and appears to have paid off its hackers Continue Reading
-
News
15 Sep 2023
Manchester police data breach a classic supply chain incident
The developing data breach at Greater Manchester Police follows a cyber attack on the systems of a key supplier of ID services to the force Continue Reading
-
News
14 Sep 2023
Data on over 3,000 Airbus suppliers leaked after breach
An emergent threat actor has leaked details of multiple sensitive Airbus suppliers after claiming to have accessed the firm’s systems having hacked customer Turkish Airlines Continue Reading
-
News
14 Sep 2023
BlackCat on the hook for cyber attack that crippled Vegas casinos
The ALPHV/BlackCat ransomware operation claimed responsibility for an attack that forced MGM Resorts to shut down systems at some of Las Vegas’ most popular gambling venues Continue Reading
-
News
14 Sep 2023
Google, Microsoft and Mozilla push browser updates to foil zero-day
A zero-day in Google’s Chrome browser was first reported by surveillance researchers at The Citizen Lab and Apple, but also affects other browsers Continue Reading
-
News
13 Sep 2023
BianLian ransomware gang holds Save the Children hostage
The dangerous and prolific BianLian ransomware gang claims to have stolen almost 7TB of data from NGO Save the Children, but thankfully the charity’s vital work on the ground appears to be unaffected Continue Reading
-
Blog Post
13 Sep 2023
Is it time for ICO to implement the 2016 Cybersecurity Select Committee recommendations?
turn the corporate priority from data breach notification to enabling staff and customers to report attempts at impersonation, whether or not there is evidence of an actual breach. Such a change ... Continue Reading
-
News
13 Sep 2023
NCSC and ICO sign MoU to forge deeper collaborative links
The scope of the MoU signed by the NCSC and the ICO includes collaboration on new cyber regulations and guidance, and how to support cyber attack victims appropriately and minimise regulatory penalties Continue Reading
-
News
12 Sep 2023
US casino giant MGM Resorts battles 36-hour outage after cyber attack
Multiple systems at US hotel and casino operator MGM went down in the wake of the incident on 10 September, crippling several of Las Vegas’ most prominent casinos Continue Reading
-
News
11 Sep 2023
Professional ransomware gangs clearly a threat, but attacks can be easily stopped
NCSC and NCA report reveals insight into business models and underpinnings of ransomware gangs and their affiliates, but also urges defenders to take heart, as stopping a ransomware attack is not that hard to do Continue Reading
-
News
11 Sep 2023
Polish election questioned after Pegasus spyware used to smear opposition, investigation finds
Senate committee alerts prosecutors over potential crimes by public officials involved in purchasing Pegasus spyware used to monitor and smear political opponents Continue Reading
-
News
08 Sep 2023
Apple patches Blastpass exploit abused by spyware makers
Apple has patched two vulnerabilities that formed an exploit chain which has been allegedly abused by spyware company NSO Continue Reading
-
News
08 Sep 2023
North Koreans using new zero-day to target security researchers
A threat actor linked to the North Korean government is continuing a long-running campaign targeting legitimate security researchers, using an as-yet undisclosed zero-day vulnerability to gain access to their victims Continue Reading
-
News
08 Sep 2023
Sensitive NatWest customer files set to be returned after High Court agreement
Sensitive NatWest customer files set to be secured by bank after years in the home of a data breach whistleblower Continue Reading
-
News
07 Sep 2023
UK and US slap fresh sanctions on Conti ransomware crew
London and Washington DC have imposed sanctions on 11 more members of the cyber criminal gang behind the Conti ransomware attacks Continue Reading
-
News
07 Sep 2023
Microsoft finds Storm-0558 exploited crash dump to steal signing key
Microsoft has published new information on how the Chinese state threat actor Storm-0558 was able to exploit a rare race condition following a crash dump in order to acquire a consumer signing key Continue Reading
-
News
07 Sep 2023
Finnish government to bolster spending on cyber-AI defences
Finland’s government will increase spending on cyber security amid heightened threats from artificial intelligence-based attacks Continue Reading
-
News
06 Sep 2023
Meet the professional BEC op that targeted Microsoft 365 users for years
The so-called W3LL cyber crime operation ran a phishing empire that has played a large role in compromising Microsoft 365 accounts for years. Its activities are now coming to light thanks to Group-IB researchers Continue Reading
-
News
05 Sep 2023
Law firm Fieldfisher launches data breach management tool
UK and European data breach law specialist Fieldfisher has enlisted legal tech specialist Lawcadia to supply a 24-hour data breach notification assessment platform Continue Reading
-
News
05 Sep 2023
Hacked Electoral Commission failed Cyber Essentials audit
The Electoral Commission failed an NCSC Cyber Essentials audit on multiple counts at about the same time as cyber criminals breached its systems in 2021, it has emerged Continue Reading
-
News
05 Sep 2023
NCSC names ex-NCC man as new CTO
New NCSC CTO Ollie Whitehouse joins from NCC Group, having also worked at BlackBerry and Symantec Continue Reading
-
News
04 Sep 2023
LockBit ransomware gang allegedly leaks MoD data after hit on supplier
The UK government appears to have become entangled in a LockBit ransomware attack after data was leaked from a third-party supplier online Continue Reading
-
News
01 Sep 2023
Threat actors exploiting unpatched Juniper Networks devices
A series of vulnerabilities in Juniper Networks firewalls and switches appear to be being exploited in the wild to enable remote code execution, with thousands of devices thought to be exposed Continue Reading
-
Opinion
01 Sep 2023
It might be too soon to claim victory against Qakbot
The multinational operation to take down the Qakbot (aka Qbot) malware has been hailed as a great victory, but Lumu Technologies’ Ricardo Villadiego argues that the celebrations may be a little premature Continue Reading
-
News
31 Aug 2023
Sandworm attacks Ukraine with Infamous Chisel malware
The UK and its allies have attributed a novel malware campaign against Ukrainian state targets to the Russian intelligence-backed Sandworm APT Continue Reading
-
News
31 Aug 2023
Ducktail social media marketing malware rears its head again
Use of the Ducktail infostealer, which first popped up in 2022 targeting Meta Business accounts, seems to be increasing Continue Reading
-
News
30 Aug 2023
Cyber world hails downfall of Qakbot trojan
A multinational law enforcement hacking operation disrupted the botnet infrastructure used to distribute the Qakbot trojan at the weekend, in a major setback for the cyber criminal underworld Continue Reading
-
News
29 Aug 2023
Zero-day that forced Barracuda users to bin kit was exploited by China
Mandiant has published details of how a Chinese threat actor targeted high-profile users of Barracuda Networks' Email Security Gateway appliances, including government agencies of interest to Beijing's intelligence goals Continue Reading
-
News
24 Aug 2023
Teenage Lapsus$ ringleader was responsible for crime spree, UK court rules
A court has ruled that Arion Kurtaj, allegedly a key player in the Lapsus$ cyber extortion syndicate, was responsible for the group’s year-long campaign of cyber attacks Continue Reading
-
News
23 Aug 2023
St Helens Council in Merseyside hit by ransomware attack
St Helens Borough Council is investigating a suspected ransomware incident targeting its systems, and is advising residents to be on the alert for follow-on phishing attacks Continue Reading
-
News
23 Aug 2023
Cyber attacks in 2023 develop quicker as average dwell times plummet
The median attacker dwell time shrunk from 10 to eight days in the first seven months of 2023, and in the case of ransomware attacks it is down to just five days Continue Reading
-
News
22 Aug 2023
Singapore to bolster OT security capabilities
Cyber Security Agency of Singapore teams up with Dragos and the US Cybersecurity and Infrastructure Security Agency to bolster the country’s OT security capabilities Continue Reading
-
News
22 Aug 2023
Clop’s MOVEit attacks drive ransomware volumes to record high
Such has been the scope of Clop’s activity since May that ransomware attack volumes have more than doubled year on year, according to the latest data Continue Reading
-
News
21 Aug 2023
Cyber attack on Aussie energy services firm may hit UK CNI
Energy One, an Australia-based supplier of tech services to the energy sector, is investigating the possibility that some UK customers may have been caught up in an ongoing cyber attack on its systems Continue Reading
-
News
18 Aug 2023
NatWest customer calls bank’s handling of breach of his data ‘disgusting’
A second NatWest customer has contacted Computer Weekly after finding out from a whistleblower that his sensitive personal data has been in her home for 14 years Continue Reading
-
News
16 Aug 2023
NCSC expands Cyber Incident Response service more widely
The NCSC has added a level to its CIR programme to enable more cyber attack victims to take advantage of the service, which offers access to assured incident response specialists Continue Reading
-
News
15 Aug 2023
Norfolk and Suffolk police hit by FoI-linked data breach
Latest UK police data breach relates to crime suspects, victims and witnesses across East Anglia, and comes just days after a similar incident at the Northern Irish service Continue Reading
-
News
15 Aug 2023
Online safety message failing to get through to women
The security community could be doing a lot more to make its advice and guidance more accessible to women, according to a study Continue Reading
-
News
14 Aug 2023
US Cyber Board to probe cloud security after latest Exchange hack
CSRB review of cloud security comes in the wake of a major Chinese cyber attack on US government bodies orchestrated through Microsoft’s cloud services Continue Reading
-
News
10 Aug 2023
PSNI investigating second breach after laptop stolen
Just hours after accidentally disclosing the personal details of 10,000 personnel, the Police Service of Northern Ireland has notified a second data breach after a police issue laptop and documents were stolen from a parked car Continue Reading
-
News
09 Aug 2023
Northern Irish police expose staff data in botched FoI response
Human error is being blamed for the leak of personally identifiable information on all serving officers and civilian staff at the Police Service of Northern Ireland Continue Reading
-
News
08 Aug 2023
UK voter data hacked in cyber attack on election watchdog
An unknown threat actor who attacked the UK’s Electoral Commission had access to data on millions of UK voters for over a year, the watchdog has revealed Continue Reading