Privacy and data protection
-
News
13 Mar 2025
US Congress demands UK lifts gag on Apple encryption order
Apple and Google have told US lawmakers that they cannot tell Congress whether they have received technical capability notices from the UK Continue Reading
-
News
12 Mar 2025
iPhone, iPad update fixes critical WebKit flaw
iPhone and iPad users are advised to update their devices as Apple addresses an out-of-bounds write issue in the WebKit browser engine that appears to have been exploited in targeted cyber attacks Continue Reading
-
News
26 Aug 2021
Tech giants commit to Biden's cyber security action plan
Some of the world’s most prominent tech giants have made a series of commitments to enhance the US’ national cyber security posture following a high-profile meeting with president Biden Continue Reading
-
News
26 Aug 2021
Government unveils post-Brexit data flow proposals
The government will pursue data partnerships with countries including Australia, South Korea and the US as part of a post-Brexit data regime that may also see substantial changes to the UK’s data protection law Continue Reading
-
Opinion
26 Aug 2021
Security Think Tank: Steps to a solid data privacy practice
Petra Wenham of the BCS shares her expertise on building, or rebuilding, a solid business data privacy practice in a post-Covid-19 world Continue Reading
-
News
26 Aug 2021
NZ privacy lead John Edwards named new information commissioner
DCMS has named John Edwards, currently New Zealand privacy commissioner, to succeed Elizabeth Denham as UK information commissioner Continue Reading
-
News
24 Aug 2021
Over a million opt out of NHS data-sharing
Failure to communicate benefits of data-sharing proposals and privacy concerns are prompting large numbers of people to opt out of a proposed NHS Digital scheme Continue Reading
-
News
24 Aug 2021
Campaign groups claim police have bypassed Parliament with plans for live facial-recognition tech
Civil society groups call for Parliament to scrutinise the use of live facial-recognition cameras Continue Reading
-
News
24 Aug 2021
More data breaches in Australia arising from ransomware
The number of data breaches in Australia arising out of ransomware attacks grew by 24% during the first half of 2021, according to OAIC’s latest data breach report Continue Reading
-
News
23 Aug 2021
Flexxon and Lenovo tie up on AI-infused SSDs
Singapore-based Flexxon teams up with Lenovo to make its solid-state drive that uses artificial intelligence to fend off cyber threats available on ThinkPad-based laptops Continue Reading
-
Opinion
20 Aug 2021
Security Think Tank: Data privacy not in isolation, but on a spectrum
The gap between data privacy and data governance is narrowing, and security leaders need to be aware of the implications, says KuppingerCole’s Anne Bailey Continue Reading
-
News
19 Aug 2021
Pub apps harvesting swathes of customer data unnecessarily
Some pub and restaurant chain apps demand data such as gender and marital status, raising eyebrows among privacy campaigners Continue Reading
-
News
18 Aug 2021
Global VPN downloads soar in first half of 2021
Song remains the same with VPNs as repressive regimes’ continued regulatory demands and remote working see virtual private network usage rocket over the first six months of the year Continue Reading
-
Opinion
18 Aug 2021
Security Think Tank: Data privacy and ethics in a post-Covid world
The radical change caused by the pandemic requires new approaches to data privacy practice, says PA Consulting’s Daniel Gordon Continue Reading
-
News
17 Aug 2021
Educational publisher Pearson fined for data breach cover-up
Securities and Exchange Commission says publisher misled its investors over the extent of a 2018 data breach Continue Reading
-
News
17 Aug 2021
Security Think Tank: Building privacy-preserving apps and platforms
ISACA’s Gaurav Deep Singh Johar explores how to embed privacy practices into digital platform architecture Continue Reading
-
News
16 Aug 2021
ICO consults public on personal data in employment practices
The ICO has launched a public consultation on employers’ use of personal data to help it provide practical guidance for both businesses and workers Continue Reading
-
News
16 Aug 2021
Nearly half of retailers hit by ransomware in 2020
In the face of increasingly prevalent and sophisticated ransomware attacks, retail organisations need to develop alternative ways of restoring lost or encrypted data, as paying the ransom does not guarantee its return in almost a third of cases Continue Reading
-
News
13 Aug 2021
UN special rapporteurs call for surveillance tech moratorium
In the wake of revelations about NSO Groups Pegasus spyware, a number of special rapporteurs from the United Nations are re-igniting calls for a global moratorium on the sale and transfer of surveillance technologies Continue Reading
-
News
13 Aug 2021
Cyber Runway programme supports new security businesses
The Cyber Runway programme is a government-backed scheme to support entrepreneurs, startups and scaleups in launching and growing new security businesses Continue Reading
-
News
13 Aug 2021
Hospitals see cyber security investment as a low priority
Almost half of hospitals have experienced an IT shutdown as a result of a cyber attack in the past six months, but just over one in 10 hospital executives see cyber security investment as a high priority Continue Reading
-
News
12 Aug 2021
ICO consults on new international data transfer agreement
Information Commissioner’s Office to consult on its draft international data transfer agreement and guidance, which will replace standard contractual clauses to protect personal data during overseas transfers Continue Reading
-
News
11 Aug 2021
US wins bid to widen grounds of appeal in Julian Assange extradition case
The US government accused medical expert professor Michael Kopelman of misleading the court by failing to disclose details of Assange’s relationship Continue Reading
-
News
11 Aug 2021
Microsoft fixes seven critical bugs on light Patch Tuesday
All seven critical vulnerabilities in Microsoft’s August Patch Tuesday were related to remote code execution, and there was one zero-day related to Windows Update Medic Service Continue Reading
-
News
11 Aug 2021
The Netherlands still lacks digital resilience, says report
Report by National Coordinator for Counterterrorism and Security says the Netherlands’ digital resilience has improved, but is still insufficient Continue Reading
-
News
10 Aug 2021
Ransomware demands and payments hit new records
Ransomware groups continue to intensify their operations as ransom demands and payments increase alongside use of “quadruple extortion” tactics during first half of 2021 Continue Reading
-
News
10 Aug 2021
Dutch lead the way in protecting themselves against internet risks
Dutch citizens come top in a study on awareness of internet risks in Europe, which showed major differences across the continent Continue Reading
-
10 Aug 2021
Privacy Shield: US surveillance law reforms essential for EU-US data
EU Committee on Civil Liberties, Justice and Home Affairs study calls for major reforms of US spying laws to enable an EU-US data-sharing agreement to replace Privacy Shield. Continue Reading
-
E-Zine
10 Aug 2021
Real-time data analytics in action
In this week’s Computer Weekly, we examine the emerging applications of real-time analytics and highlight the challenges for businesses to maximise the benefits. EU experts are calling for reform of US surveillance laws – we look at the issues. And we talk to the co-CEO of HR software giant Workday. Read the issue now. Continue Reading
-
News
10 Aug 2021
Researchers uncover database with 126 million unsecured records
Business-to-business marketing firm OneMoreLead was storing tens of millions of records in an unsecured database, exposing at least 63 million people to fraud, identify theft and phishing campaigns Continue Reading
-
News
09 Aug 2021
Possible ransomware attack hits Italian vaccine booking system
It is still unclear who is behind the attack that caused Covid-19 vaccine bookings in Lazio, Italy, to grind to a halt, as despite masses of files being encrypted no specific ransom demands have been made for the decryptor Continue Reading
-
News
06 Aug 2021
Apple unveils plans to scan US iPhones for child sex abuse images
Apple will introduce child sexual abuse material detection for US users later this year, but some experts are worried that the technology could be repurposed to scan phones for other kinds of content Continue Reading
-
News
05 Aug 2021
BlackMatter goes on the record about DarkSide and REvil links
BlackMatter gives details of its ransomware-as-a-service operation and distinguishes itself from now-defunct ransomware gangs in interview with cyber security analysts from Recorded Future Continue Reading
-
News
04 Aug 2021
Six Isle of Wight schools hit by ransomware attack
Authorities are still working to manage the fallout from the attack, which has already forced at least one school to delay the start of the new term in September Continue Reading
-
News
04 Aug 2021
Leading venture capital firms are failing to protect human rights
Venture capital firms and high-profile tech accelerators are not conducting human rights due diligence on their investments, which means they cannot be sure the companies they invest in are not causing, or contributing to, human rights abuses Continue Reading
-
News
03 Aug 2021
Destruction and integrity cyber attacks on the rise
Cyber security professionals have reported a sharp rise in debilitating attacks aimed at destroying or manipulating data Continue Reading
-
Opinion
02 Aug 2021
Five tips to ensure your crisis comms plan is ready for a cyber attack
Business leaders take note: standard crisis communications plans are inadequate if you have fallen victim to a cyber attack. HPL’s Ted Birkhahn shares five tips to make sure you are ready to face the public Continue Reading
-
News
02 Aug 2021
Government publishes second version of digital identity trust framework
The second iteration of the framework, still in alpha version, sets out how organisations can become certified digital identity service providers Continue Reading
-
News
29 Jul 2021
Investigatory Powers Tribunal finds UK spy agencies unlawfully collected personal data
Campaign groups Privacy International and Liberty are gearing up to bring further legal action after a court found that UK spy agencies unlawfully collected phone and internet records Continue Reading
-
News
28 Jul 2021
Almost half unaware of GP data-sharing plans
Around half of adults in England – approximately 20 million people – remain unaware of the scope of the NHS GPDPR programme, prompting calls for a public education campaign Continue Reading
-
Opinion
28 Jul 2021
Security Think Tank: Consider cyber policies and procedures as you welcome employees back
With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect their returning office workers? Continue Reading
-
News
27 Jul 2021
ICO ends its involvement in dispute between NatWest Bank and data breach whistleblower
The Information Commissioner’s Office has ended its involvement in a dispute between a data breach whistleblower and NatWest bank Continue Reading
-
News
27 Jul 2021
US lawmakers call for probe into ‘arrogant’ spyware firm
US members of Congress have called for an investigation into NSO Group, the spyware supplier at the centre of a massive surveillance scandal Continue Reading
-
News
27 Jul 2021
TikTok sets up cyber security hub in Dublin
Dublin-based cyber centre will oversee the security of TikTok’s users across Europe Continue Reading
-
News
27 Jul 2021
How IBM is solving the data privacy problem
IBM’s fully homomorphic encryption technology lets enterprises apply analytics and machine learning to encrypted data without compromising data privacy Continue Reading
-
News
26 Jul 2021
No More Ransom initiative saves £850m over five years
Initiative’s free ransomware decryption tools have been used by more than six million people since 2016 Continue Reading
-
Opinion
26 Jul 2021
Government-led innovation can help cyber startups find a market
There are many reasons why early-stage cyber startups often struggle to get off the ground, but government-backed programmes can help them find a path Continue Reading
-
News
25 Jul 2021
Tokyo 2020 hit by data breach
The user names and passwords of Tokyo 2020 ticket holders and event volunteers were reportedly compromised, but government official claims the data leak was not large Continue Reading
-
News
25 Jul 2021
OAIC: Uber failed to protect personal data of Australians
Uber did not take reasonable steps to protect Australians’ personal information from unauthorised access, says Australia’s national privacy watchdog Continue Reading
-
Feature
22 Jul 2021
New thinking and systems required to tackle online fraud in retail
Online fraud is a growing problem for retail, but are merchants doing enough to update systems and how should they change their actions to address it? Continue Reading
-
Feature
21 Jul 2021
Five ways to ensure remote working security and compliance
A mix of on-site and remote working has become a fact of life for many organisations. We look at five key things you should consider to ensure compliance and security Continue Reading
-
News
21 Jul 2021
France’s Macron among alleged Pegasus targets
Data relating to devices used by French president Emmanuel Macron and the head of the World Health Organization, among others, has been uncovered in a dataset linked to government use of spyware Continue Reading
-
News
20 Jul 2021
NCSC’s Cameron urges deeper cyber alliance-building
Speaking to an event in Israel, NCSC CEO Lindy Cameron has praised joint UK-Israeli efforts on security collaboration Continue Reading
-
Opinion
20 Jul 2021
Sparsely staffed offices: the new post-pandemic cyber gap
With many offices still operating at limited capacity, a red teaming expert reveals how his job is getting easier, and why this is a problem Continue Reading
-
Opinion
20 Jul 2021
The Secret IR Insider’s Diary: It’s all gone quie...
The ‘Q’ word isn’t one that’s really used in incident response, says the Secret IR Insider, largely because as soon as you use it, something happens Continue Reading
-
News
20 Jul 2021
NHS Digital tightens rules for GPDPR data scrape
The proposed collection of patient data held by GPs will now only commence when three key criteria have been fulfilled, says NHS Digital Continue Reading
-
Opinion
20 Jul 2021
Security Think Tank: A return to the office is not a return to normal
With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect their returning office workers? Continue Reading
-
News
19 Jul 2021
UK, US confirm Chinese state backed MS Exchange Server attacks
UK and US governments, alongside the EU and Nato, have formally attributed the March 2021 Microsoft Exchange Server attacks to Chinese state-backed actors Continue Reading
-
News
19 Jul 2021
Pegasus mobile RAT abused to monitor journalists and activists
Israel-based surveillance specialist NSO Group is facing renewed pressure after it emerged its Pegasus mobile surveillance tool may be being widely abused by repressive regimes Continue Reading
-
News
19 Jul 2021
Privacy Shield: One year on and companies are still grappling for answers
Activist lawyer Max Schrems and Eduardo Ustaran, partner at Hogan Lovells, look for common ground in a problem with no easy answers Continue Reading
-
E-Zine
15 Jul 2021
CW APAC: Trend Watch on supply chain security
In this handbook, Computer Weekly looks at the rise of supply chain attacks, the challenges that come with zero trust security and attacks on the Covid-19 vaccine supply chain Continue Reading
-
News
15 Jul 2021
Lawyers take EncroChat hacking operation to French supreme court
Lawyers head to French supreme court after appeals court finds EnroChat inception legal under French law Continue Reading
-
News
15 Jul 2021
Privacy Shield: US surveillance law reforms essential for EU-US data, says EU parliamentary study
EU Committee on Civil Liberties, Justice and Home Affairs study calls for major reforms of US spying laws to enable an EU-US data-sharing agreement to replace Privacy Shield Continue Reading
-
News
15 Jul 2021
Singapore to invest S$50m in ‘digital trust’ capabilities
The Singapore government is pumping in S$50m to bolster research in technologies that will foster digital trust in areas such as privacy protection and identity management Continue Reading
-
News
14 Jul 2021
REvil ransomware crew drops offline, reasons murky
The REvil ransomware operation appears to have gone dark, but claims about its demise are almost certainly exaggerated Continue Reading
-
News
13 Jul 2021
Secureworks sets up in EU datacentre for XDR services
New datacentre location helps Secureworks’ customers meet EU data residency requirements Continue Reading
-
News
13 Jul 2021
Dutch prosecutor ordered to give evidence on EncroChat hack
Netherlands court rules that a public prosecutor should give evidence about the role of the Dutch in the EncroChat cryptophone hack which has led to arrests of organised gangs worldwide Continue Reading
-
News
12 Jul 2021
NSW department of education hit by cyber attack
Australia’s New South Wales department of education takes some systems offline as a precautionary measure in response to a cyber attack last Thursday Continue Reading
-
Opinion
09 Jul 2021
Professionals need protection from the Computer Misuse Act
The UK needs cyber legislation fit for the 21st century, so it is important for the industry to get behind the government’s proposed reform of the Computer Misuse Act Continue Reading
-
News
09 Jul 2021
Met Police should release information on British WikiLeaks journalists passed to US, tribunal told
The Metropolitan Police should release correspondence with the US Department of Justice about three UK based WikiLeaks journalists, despite national security claims, a tribunal heard Continue Reading
-
Opinion
08 Jul 2021
Why identity is the central problem for the future of the internet
As debate rages over who has the right to control user identities online, is the concept of decentralised identity about to have its day? Continue Reading
-
News
07 Jul 2021
US government given permission to appeal UK’s decision to not extradite Julian Assange
US offers assurances that Assange could serve time in his home country of Australia if convicted Continue Reading
-
News
07 Jul 2021
ICO to probe Hancock over private email use
Former health secretary faces an investigation by the UK’s data protection watchdog over his use of private email to conduct government business Continue Reading
-
News
07 Jul 2021
How the UK Cyber Security Council plans to professionalise security
As chair of the new UK Cyber Security Council, Claudia Natanson is in a superb position to develop professional standards in IT security and she intends to fundamentally reimagine what a security job actually is Continue Reading
-
News
07 Jul 2021
Opportunists seen targeting Kaseya REvil victims
Malwarebytes researchers highlight new spam campaign targeting businesses impacted by the ongoing Kaseya REvil ransomware incident Continue Reading
-
News
06 Jul 2021
About 60 Kaseya customers hit by REvil
Kaseya has revised upward the number of managed service providers compromised by the REvil ransomware gang in a supply chain attack at the weekend Continue Reading
-
News
06 Jul 2021
Cyber insurance costs up by a third
The frequency and severity of ransomware attacks is a leading factor behind a substantial increase in the cost of obtaining cyber security insurance Continue Reading
-
News
06 Jul 2021
BA reaches settlement in data breach group action
A group action against BA following its 2018 data breach has been successfully settled Continue Reading
-
News
05 Jul 2021
REvil crew wants $70m in Kaseya ransomware heist
Two days after one of the largest ransomware attacks in history by the REvil/Sodinokibi gang, the security community is assessing its next moves, while over 1,000 victims remain in limbo Continue Reading
-
News
03 Jul 2021
Berlin court finds EncroChat intercept evidence cannot be used in criminal trials
In a major setback for police hacking operations, Berlin’s regional court has decided that intercepted data from the EncroChat phone network should not be used in criminal prosecutions Continue Reading
-
News
02 Jul 2021
Cyber attackers up the ante on embattled IT teams
Opportunistic threat actors are pouncing on embattled IT teams that are under pressure to expand remote work arrangements Continue Reading
-
News
01 Jul 2021
Cyber espionage campaign targeted central Asian states
The Afghan, Kyrgyz and Uzbek governments are all thought to have been targeted by the same APT Continue Reading
-
News
01 Jul 2021
NHS IT fraudster Barry Stannard sentenced to five years in prison
Stannard used his position as head of unified communications at an Essex NHS Trust to cheat the taxpayer of more than £800,000 Continue Reading
-
News
01 Jul 2021
Nominations open for 2021 Security Serious Unsung Heroes Awards
Nominations are now open for this year’s edition of the Unsung Heroes Awards for cyber professionals and educators Continue Reading
-
News
30 Jun 2021
Half of mobile phones sold in the UK at risk of security issues
Lengthy mobile phone contracts leave buyers at risk of their devices losing support for security updates Continue Reading
-
News
30 Jun 2021
REvil affiliates offer hefty ransom discounts, data reveals
REvil or Sodinokibi ransomware activity is higher than ever, but its success appears to be relative, with some affiliates prepared to dramatically cut their prices Continue Reading
-
News
30 Jun 2021
LinkedIn denies exposure of 700 million user records is a data breach
Data relating to 700 million users of the LinkedIn networking platform has appeared for sale, but the firm says it is the victim of data scraping, not a security breach Continue Reading
-
Opinion
30 Jun 2021
UK data exchanges with EU can continue after adequacy decision - but for how long?
For now European businesses can continue to send data to the UK without additional safeguards and paperwork. How long will it last? Continue Reading
-
News
30 Jun 2021
Cops seize criminal VPN used by ransomware gangs
A coordinated sting has ended the operations of the DoubleVPN service, the owners of which are accused of harbouring cyber criminal activity Continue Reading
-
News
29 Jun 2021
EU recognises UK data protection adequacy but warns against divergence
The European Commission has granted the UK data adequacy, allowing data sharing between the EU and the UK, but warns it may yet be revoked Continue Reading
-
Opinion
29 Jun 2021
Banking tech fraud: How to trace and recover your money
Even when stolen assets are sent offshore, the special powers of the English civil court system mean all may not be lost Continue Reading
-
E-Zine
29 Jun 2021
Is the UK government planning to rewrite GDPR?
In this week’s Computer Weekly, a government taskforce on post-Brexit regulations has recommended changes to GDPR in the UK – we examine the implications. The NHS has launched a new data strategy - we look at what it means for your medical records. And we ask how to avoid the performance problems that affect private cloud. Read the issue now. Continue Reading
-
News
29 Jun 2021
Video game industry under relentless cyber attacks
Web application attacks against the global video game industry grew by 340% in 2020 as more people turn to gaming during pandemic lockdowns Continue Reading
-
News
28 Jun 2021
UK’s FCA bans crypto exchange Binance as crackdown spreads
Ban on Binance Markets comes amid a wider global crackdown on the largely unregulated global market for cryptocurrencies and related assets. Continue Reading
-
News
28 Jun 2021
HMRC-branded phishing scams surge despite protections
The number of HMRC-branded phishing scams surged 87% in the past 12 months, according to latest revealed figures Continue Reading
-
Opinion
28 Jun 2021
How CIOs can help their organisations accelerate digital transformation
Companies need to win the trust of their customers to gather the data they need to transform their businesses Continue Reading
-
News
28 Jun 2021
Lazada rolls out public bug bounty programme
Regional e-commerce giant Lazada is looking to uncover more vulnerabilities that could compromise data security in a public bug bounty programme that offers up to $10,000 per bounty Continue Reading
-
Definition
25 Jun 2021
end-to-end encryption (E2EE)
End-to-end encryption (E2EE) is a method of secure communication that prevents third parties from accessing data while it's transferred from one end system or device to another. Continue Reading
-
News
25 Jun 2021
NCSC CEO: UK-Ireland collaboration crucial to stop cyber threats
Speaking at a conference in Dublin, NCSC Lindy Cameron is highlighting the importance of continued collaboration between the UK and Ireland to protect shared interests and counter security threats Continue Reading
-
News
25 Jun 2021
Anglesey schools offline after cyber attack
Isle of Anglesey County Council is investigating a cyber attack that has forced it to shut down systems at all five secondary schools on the island Continue Reading
-
News
25 Jun 2021
CMA to probe Amazon and Google over fake reviews
The CMA has opened an investigation into Amazon and Google over possible breaches of consumer protection law Continue Reading
-
News
24 Jun 2021
Google hands third-party cookies a stay of execution
Google’s proposed Privacy Sandbox initiative – which will see third-party cookies phased out in the Chrome web browser – has been pushed back to 2023 Continue Reading