Region: uk
All items tagged uk.
- Two Scattered Spider members plead guilty over the 2024 Transport for London intrusion
- Healthcare — third-party exposure and a 16-month notification gap
- Insider and process failures — Munich school data, a lost SSD, and an NHS records caution
- UK ICO left leaderless mid-restructure — Commissioner resigns with immediate effect
- UK Information Commissioner resigns with immediate effect — regulator left leaderless mid-restructure
- HCRG Care Group first notifies patients of a February 2025 Medusa breach — 16 months on `[SINGLE-SOURCE]`
- UK ICO issues criminal caution to London Clinic insider over Princess of Wales medical-record access
- Education — ShinyHunters' PeopleSoft campaign lands disproportionately on universities
- UPDATE: Oracle PeopleSoft CVE-2026-35273 attributed to ShinyHunters; confirmed zero-day, 100+ victims, education sector hit hardest
- UPDATE: ShinyHunters PeopleSoft campaign — Oracle confirms CVE-2026-35273 and ships an out-of-band patch; Nottingham quantifies 455,000 records
- Oxford University CareerConnect (Group GTI) breach exposes students at multiple UK universities
- ICO secures Proceeds-of-Crime confiscation from former RAC employees who sold ~30,000 customer records
- Five Eyes "Safeguarding Our Secrets" — Chinese military intelligence systematically recruiting via LinkedIn and job platforms
- TA4922 — China-nexus cybercrime cluster expands from Japan into Germany, UK and Italy with native-language lures and Atlas RAT
- Five Eyes joint bulletin: Chinese military intelligence recruiting cleared personnel through LinkedIn and job platforms
- Proofpoint TA4922: a China-nexus cybercrime cluster expands from Japan into Germany, the UK and Italy with native-language lures and DLL-side-loaded Atlas RAT
- UK National Federation of Subpostmasters hit by ransomware via a cPanel flaw; disruption persists into June
- Ghost Stadium PhaaS — 300+ FIFA domain clones, multi-language fake SSO, targeting UK/Germany/Portugal/Spain fan credentials before June 11 kickoff
- Carnival Corporation confirms 5.99 M-record ShinyHunters breach — passport + driver's-licence numbers exposed across four cruise brands
- TechCrunch finds 100 K passport scans and selfies on a public-read S3 bucket behind a UK Visa Portal lookalike
- UK Visa Portal — ~100,000 passport scans and selfies on a public-read S3 bucket behind a government-lookalike site
- ShinyHunters Salesforce campaign — 40+ listed victims; Canada Life and Pitney Bowes confirm; the BreachForums extortion channel was previously seized
- ICO secures £355,880 POCA confiscation against former Markerstudy Insurance employee for off-hours bulk record access and sale [SINGLE-SOURCE]
- South Staffordshire Water — ICO £963,900 fine
- GemStuffer — RubyGems weaponised as a one-way exfiltration channel scraping UK local-authority ModernGov portals; new abuse pattern targets the asymmetric monitoring gap between package pull and push
- NCSC-UK — "10 questions to ask when using AI models to find vulnerabilities"
- ICO fines South Staffordshire Water £963,900 — water-sector OES with partial SIEM coverage; Cl0p attribution and ZeroLogon kill-chain detail sourced to The Record
- Audit SIEM/XDR telemetry coverage as a percentage of host inventory; the South Staffordshire 5%-coverage finding is the operational lesson
- Canvas / Instructure breach — five-day arc from first claim to seven Dutch universities executing emergency disconnects
- Education (NL, UK, DE)
- UPDATE: Canvas/Instructure — ShinyHunters claims a *second* intrusion despite May 8 patches; seven Dutch universities executed emergency disconnects on/before May 9
- UPDATE: Canvas/Instructure extortion — Oxford, Cambridge, Liverpool issue public statements; 44 Dutch universities confirmed; May 12 deadline active