Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label UK. Show all posts
UK
Cyber Attacks Logistics Firm Peter Green Chilled Ransomware attack UK

British supermarkets' Supplier of Refrigerated Goods Hit by a Ransomware Attack

 

Peter Green Chilled, a logistics firm, has announced that it has been attacked by a ransomware attack, interrupting deliveries of refrigerated goods to some of the country's top supermarkets.

Customers — largely smaller producers who provide food to regional stores in Somerset, such as Aldi, Tesco, and Sainsbury's — received an email last Thursday informing them that the company will be unable to complete part of their orders owing to the cyber incident.

Peter Green Chilled told the BBC that the attack occurred last Wednesday and had no effect on the company's transport business, but he declined to elaborate on how the incident affected the IT infrastructure via which orders are placed. 

A substantial part of the nation's frozen food is transported by Reed Boardall, a cold storage and refrigerated transport company that was attacked a number of years ago. Some of its customers have warned that they would be spoilt if they couldn't get their products delivered to retailers in time, despite the fact that Peter Green Chilled is a far smaller supplier than Reed Boardall.

After incidents involving Marks & Spencer, the Co-op, and the upscale London retailer Harrods, this attack is the most recent to affect the British retail industry. A string of recent attacks, including one revealed last week that could expose the personal information of domestic violence victims to their abusers, has prompted renewed calls for the British government to adopt a more active response to the ransomware threat. 

Law enforcement agencies should hack the criminals' systems and take them down as the "ideal response" to ransomware gangs' attempts at data extortion, in which the gangs steal data and threaten to release it unless a certain amount of money is paid in cryptocurrency, according to Gareth Mott, a research fellow at the Royal United Services Institute think tank.

It was not an easy task, Mott said. Even though the National Crime Agency and its allies had been successful in combating ransomware organisations such as LockBit, Mott stated that he was unsure if they currently have the ability to eliminate the most risky data breaches on a selective basis.
Read more »
UK
Data Breach Data protection Dior Fashion UK

Dior Confirms Hack: Personal Data Stolen, Here’s What to Do


Christian Dior, the well-known luxury fashion brand, recently experienced a cyberattack that may have exposed customer information. The brand, owned by the French company LVMH, announced that an outsider had managed to break into part of its customer database. This has raised concerns about the safety of personal information, especially among shoppers in the UK.

Although no bank or card information was stolen, Dior said the hackers were able to access names, email addresses, phone numbers, mailing addresses, purchase records, and marketing choices of customers. Even though financial details remain safe, experts warn that this kind of personal data could still be used for scams that trick people into giving away more information.


How and When the Breach Happened

The issue was first noticed on May 7, 2025, when Dior’s online system in South Korea detected unusual activity involving customer records. Their technical team quickly responded by shutting down the affected servers to prevent more damage.

A week later, on May 14, French news sources reported the incident, and the following day, Dior publicly confirmed the breach on its websites. The company explained that while no payment data was involved, some customer details were accessed.


What Dior Is Doing Now

Following the European data protection rules, Dior acted quickly by resetting passwords, isolating the impacted systems, and hiring cybersecurity experts to investigate the attack. They also began informing customers where necessary and reassured the public that they are working on making their systems more secure.

Dior says it plans to improve security by increasing the use of two-factor login processes and monitoring accounts more closely for unusual behavior. The company says it takes customer privacy very seriously and is sorry for any trouble this may cause.


Why Luxury Brands Are Often Targeted

High-end brands like Dior are popular targets for cybercriminals because they cater to wealthy customers and run large digital operations. Earlier this month, other UK companies like Marks & Spencer and Co-op also reported customer data issues, showing that online attacks in the retail world are becoming more common.


What Customers Can Do to Stay Safe

If you’re a Dior customer, there are simple steps you can take to protect yourself:

1. Be careful with any messages that claim to be from Dior. Don’t click on links unless you are sure the message is real. Always visit Dior’s website directly.

2. Change your Dior account password to something new and strong. Avoid using the same password on other websites.

3. Turn on two-factor login for extra protection if available.

4. Watch your bank and credit card activity regularly for any unusual charges.

Be wary of fake ads or offers claiming big discounts from Dior, especially on social media.


Taking a few minutes now to secure your account could save you from a lot of problems later.

Read more »
UK
GPS Quantum Computers Satellites Technology UK

Quantum Computers Might Put Satellites at Risk — Here's What That Means for Us

 



Satellites play a quiet but essential role in our everyday routines. From helping airplanes land safely to guiding us with GPS, giving us internet access, and helping during emergencies — satellites support many things we rely on. But this system could be at risk due to a new kind of technology: quantum computers.

Quantum computers are not just upgraded versions of the computers we use today. They follow a completely different set of rules, based on quantum physics. Even though they’re still in development, researchers believe that once these machines are fully ready, they will be able to solve problems regular computers can’t handle — at much faster speeds.

For example, some tasks that would take current computers millions of years could be completed in minutes by a quantum computer. While we don’t know exactly when they will become practical, scientists are making real progress in building and improving them.

These powerful machines could bring huge benefits in science, medicine, and climate research. They could help us design better medicines, understand future climate changes, or create new materials. But along with these benefits, there’s also a serious danger — they could break the codes that protect our digital systems.

Right now, things like satellite signals, online banking, and private messages are protected by encryption. These protections are based on difficult math problems that regular computers can't easily solve. But quantum computers could solve them quickly, putting private and secure data at risk.

Satellites might seem untouchable because they’re far above the Earth. But with technology becoming cheaper and more available, skilled hackers or rival nations could try to intercept their signals or send fake instructions. Attacks like these are already possible today.

That’s why experts around the world are working on a new type of digital protection, called post-quantum cryptography. These advanced systems are being developed to resist attacks from quantum computers. Some governments, like in the UK, have already set goals to switch all systems to this stronger security by 2035.

Unlike phones or laptops, satellites can’t be easily updated once they’re in space. That’s why it’s important for all new satellites to be built with quantum-safe protections from the beginning. This will also help as more satellites start working together in groups to support different services.

If we don’t act soon, future quantum computers might be able to read or change the data that satellites send. This could interrupt GPS, affect emergency responses, or even create security threats for entire countries.

To stop this from happening, scientists, engineers, governments, and global organizations must work together. The good news is that steps are already being taken. By preparing now, we can make sure our satellite systems stay secure in the quantum future.

Read more »
UK
attacks Businesses Cyber Crime CyberCrime global cooperation guidance insurance Ransomware resilience Security UK

Global Effort Unites Against Ransomware: New Guidance to Strengthen Business Defenses

  

Ransomware attacks continue to pose significant challenges for businesses worldwide, with incidents on the rise. 

In response, the UK, along with 38 other nations and international cyber insurance organizations, has collaborated to release updated guidance aimed at supporting victims and enhancing resilience. This guidance advises against making immediate ransom payments, as recovery of data or malware removal is not guaranteed, and paying ransoms often encourages further criminal activity.

Instead, businesses are urged to create a comprehensive response plan, with policies and contingency measures in place. Organizations that fall victim to ransomware should report the incident to law enforcement and consult security professionals for expert guidance.

Ransomware has become a lucrative venture for cybercriminals, causing an estimated $1 billion in losses in 2023. By removing the incentive for criminals, these new policies aim to weaken the ransomware business model and reduce future attacks.

"International cooperation is crucial in fighting ransomware as cybercrime knows no borders," stated Security Minister Dan Jarvis. He emphasized that this collective effort will hit cybercriminals financially and better protect businesses in the UK and beyond.

The UK is taking a leading role, collaborating with three major insurance organizations—the Association of British Insurers, the British Insurance Brokers' Association, and the International Underwriting Association—to issue co-sponsored guidance. Meanwhile, the UK National Crime Agency has taken steps by sanctioning 16 individuals from the 'Evil Corp' cybercrime group, responsible for over $300 million in theft from critical infrastructure, healthcare, and government sectors.

Jonathon Ellison, Director for National Resilience at the NCSC, highlighted the urgency of addressing ransomware threats: "This guidance, backed by both international bodies and cyber insurance organizations, represents a united front in bolstering defenses and increasing cyber readiness."
Read more »
UK
Cyber Attacks Malicious Campaign Telecom Firm UK

BT Uncovers 2,000 Potential Cyberattacks Signals Every Second

 

BT logs 2,000 potential cyber attack signals per second, according to the latest data from the telecom behemoth, as it warns of the rising threat from cyber criminals.

The telecom firm stated it found that web-connected devices were being scanned more than 1,000 times each a day by known malicious sources, as attackers scan for vulnerabilities in online systems. While some scans are authentic for security monitoring, BT stated that 78% were not harmless. 

BT said its most recent data on the issue revealed a 1,234% lift in new malicious scanners across its networks over the last year, and cautioned that the increase could be attributed to more malicious actors using AI-powered, automated bots to scan for vulnerabilities in security systems in order to avoid tools designed to detect suspicious activity.

The UK's National Cyber Security Centre (NCSC) has previously cautioned that AI technologies were upskilling malicious actors and lowering the entrance barrier to launch cyber attacks.

According to BT's research, the IT, defence, and financial services sectors were the most targeted for cyber assaults, but other sectors, such as retail, education, and hospitality, were being increasingly targeted since they are seen to have a lower security focus. The data was made public during BT's Secure Tomorrow cybersecurity festival at the company's Adastral Park research facility in Suffolk. 

“Today, every business is a digital business, and our data shows that every 90 seconds hackers are checking connected devices to find a way in – like opportunistic burglars looking for an open window,” Tris Morgan, managing director for security at BT, stated. 

“Tools like AI provide new routes of attack, but they can also the first line of defence. At BT, we’re constantly evolving our network security to stay one step ahead and protect more than a million businesses, day in, day out.” 

The cybersecurity warning comes after the government announced that all UK data centres will be designated as Critical National Infrastructure (CNI), putting them on an equal footing with energy, water, and emergency services infrastructure, and will now receive more government support and protection from cyber attacks, IT blackouts, and environmental disasters.
Read more »
UK
Cyber Security Data Theft Databreach NHS Ransomware UK

Cybersecurity Expert Warns NHS Still Vulnerable After Major Ransomware Attack

 

A leading cybersecurity expert has warned that the NHS remains at risk of further cyber-attacks unless it updates its computer systems. This stark warning follows a significant ransomware attack that severely disrupted healthcare services across London. 

Prof Ciaran Martin, the founding CEO of the UK's National Cyber Security Centre (NCSC), told the BBC: "I was horrified, but not completely surprised. Ransomware attacks on healthcare are a major global problem." NHS England announced it was increasing its cybersecurity resilience and had invested $338 million over the past seven years to address the issue. 

However, Prof Martin’s warnings suggest more urgent action is necessary. A recent British Medical Association report highlighted the NHS's ageing IT infrastructure, revealing that doctors waste 13.5 million hours annually due to outdated systems - equivalent to 8,000 full-time medics' time. 

 The cyber-attack on 3 June, described by Prof Martin as one of the most serious in British history, targeted Synnovis, a pathology testing organisation. This severely affected services at Guy's, St Thomas', King's College, and Evelina London Children's Hospitals. 

NHS England declared it a regional incident, resulting in 4,913 outpatient appointments and 1,391 operations being postponed, alongside major data security concerns. The Russian-based hacking group Qilin, believed to be part of a Kremlin-protected cyber army, demanded a $40 million ransom. When the NHS refused to pay, the group published stolen data on the dark web. 

This incident reflects a growing trend of Russian cyber criminals targeting global healthcare systems. Now a professor at the University of Oxford, Prof Martin highlighted three critical issues facing NHS cybersecurity: outdated IT systems, the need to identify vulnerable points, and the importance of basic security practices.

He further said, "In parts of the NHS estate, it's quite clear that some of the IT is out of date." He stressed the importance of identifying "single points of failure" in the system and implementing better backups. 

Additionally, he emphasized that improving basic security measures could significantly hinder attackers, noting: "Those little things make the point of entry quite a lot harder for the thugs to get in." Emphasizing the severity of the recent attack, he said, "It was obvious that this was going to be one of the most serious cyber incidents in British history because of the disruption to healthcare."
Read more »
UK
Cyber Attacks Data Privacy Healthcare London National Cyber Security Centre NHS patient data protection Ransomware attack Russian Gang UK

Ransomware Attack on Pathology Services Vendor Disrupts NHS Care in London

 

A ransomware attack on a pathology services vendor earlier this week continues to disrupt patient care, including transplants, blood testing, and other services, at multiple NHS hospitals and primary care facilities in London. The vendor, Synnovis, is struggling to recover from the attack, which has affected all its IT systems, leading to significant interruptions in pathology services. The Russian-speaking cybercriminal gang Qilin is believed to be behind the attack. Ciaran Martin, former chief executive of the U.K. National Cyber Security Center, described the incident as "one of the more serious" cyberattacks ever seen in England. 

Speaking to the BBC, Martin indicated that the criminal group was "looking for money" by targeting Synnovis, although the British government maintains a policy against paying ransoms. Synnovis is a partnership between two London-based hospital trusts and SYNLAB. The attack has caused widespread disruption. According to Brett Callow, a threat analyst at security firm Emsisoft, the health sector remains a profitable target for cybercriminals. He noted that attacks on providers and their supply chains will persist unless security is bolstered and financial incentives for such attacks are removed. 

In an update posted Thursday, the NHS reported that organizations across London are working together to manage patient care following the ransomware attack on Synnovis. Affected NHS entities include Guy's and St Thomas' NHS Foundation Trust and King's College Hospital NHS Foundation Trust, both of which remain in critical incident mode. Other impacted entities are Oxleas NHS Foundation Trust, South London and Maudsley NHS Foundation Trust, Lewisham and Greenwich NHS Trust, Bromley Healthcare, and primary care services in South East London. 

The NHS stated that pathology services at the impacted sites are available but operating at reduced capacity, prioritizing urgent cases. Urgent and emergency services remain available, and patients are advised to access these services normally by dialing 999 in emergencies or using NHS 111. The Qilin ransomware group, operating on a ransomware-as-a-service model, primarily targets critical infrastructure sectors. According to researchers at cyber threat intelligence firm Group-IB, affiliate attackers retain between 80% and 85% of extortion payments. Synnovis posted a notice on its website Thursday warning clinicians that all southeast London phlebotomy appointments are on hold to ensure laboratory capacity is reserved for urgent requests. 

Several phlebotomy sites specifically managed by Synnovis in Southwark and Lambeth will be closed from June 10 "until further notice." "We are incredibly sorry for the inconvenience and upset caused to anyone affected." Synnovis declined to provide additional details about the incident, including speculation about Qilin's involvement. The NHS did not immediately respond to requests for comment, including clarification about the types of transplants on hold at the affected facilities. The Synnovis attack is not the first vendor-related incident to disrupt NHS patient services. Last July, a cyberattack against Ortivus, a Swedish software and services vendor, disrupted access to digital health records for at least two NHS ambulance services in the U.K., forcing paramedics to use pen and paper. 

Additionally, a summer 2022 attack on software vendor Advanced, which provides digital services for the NHS 111, resulted in an outage lasting several days. As the healthcare sector continues to face such cybersecurity threats, enhancing security measures and removing financial incentives for attackers are crucial steps toward safeguarding patient care and data integrity.
Read more »
UK
Data Breach data security Employee Data Fines ICO Information Commissioner Office Information Security Ireland UK

PSNI Faces £750,000 Fine for Major Data Breach

 

The Police Service of Northern Ireland (PSNI) is set to receive a £750,000 fine from the UK Information Commissioner’s Office (ICO) due to a severe data breach that compromised the personal information of over 9,000 officers and staff. This incident, described as "industrial scale" by former Chief Constable Simon Byrne, included the accidental online release of surnames, initials, ranks, and roles of all PSNI personnel in response to a Freedom of Information request. 

This breach, which occurred last August, has been deemed highly sensitive, particularly for individuals in intelligence or covert operations. It has led to significant repercussions, including Chief Constable Byrne's resignation. Many affected individuals reported profound impacts on their lives, with some forced to relocate or sever family connections due to safety concerns. The ICO's investigation highlighted serious inadequacies in the PSNI's internal procedures and approval processes for information disclosure. 

John Edwards, the UK Information Commissioner, emphasized that the breach created a "perfect storm of risk and harm" due to the sensitive context of Northern Ireland. He noted that many affected individuals had to "completely alter their daily routines because of the tangible fear of threat to life." Edwards criticized the PSNI for not having simple and practical data security measures in place, which could have prevented this "potentially life-threatening incident." He stressed the need for all organizations to review and improve their data protection protocols to avoid similar breaches. 

The ICO's provisional fine of £750,000 reflects a public sector approach, intended to prevent the diversion of public funds from essential services while still addressing serious violations. Without this approach, the fine would have been £5.6 million. In response to the breach, the PSNI and the Northern Ireland Policing Board commissioned an independent review led by Pete O’Doherty of the City of London Police. The review made 37 recommendations for enhancing information security within the PSNI, underscoring the need for a comprehensive overhaul of data protection practices. 

Deputy Chief Constable Chris Todd acknowledged the fine and the findings, expressing regret over the financial implications given the PSNI's existing budget constraints. He confirmed that the PSNI would implement the recommended changes and engage with the ICO regarding the final fine amount. The Police Federation for Northern Ireland (PFNI), representing rank-and-file officers, criticized the severe data security failings highlighted by the ICO. 

PFNI chair Liam Kelly called for stringent measures to ensure such an error never recurs, emphasizing the need for robust data defenses and rigorous protocols. This incident serves as a stark reminder of the critical importance of data security, particularly within sensitive sectors like law enforcement. The PSNI's experience underscores the potentially severe consequences of inadequate data protection measures and the urgent need for organizations to prioritize cybersecurity to safeguard personal information.
Read more »
Subscribe to: Posts (Atom)