Cyber Security News Roundup – 14th August 2023

Emily Davidson

By Emily Davidson

14 August 2023
Cyber Security News Roundup – 14th August 2023

It's a new week, and that means a round up of some of the cyber security and data protection news headlines over the last 7 days! To learn more about each story, click the headings.

Northern Ireland police data breach reveals names and roles of serving officers

8/8

On Tuesday, the Police Service of Northern Ireland (PSNI) was forced to investigate a data breach that reportedly led to the names and job roles of thousands of serving officers being published onto a public website. In the wrong hands, this data could cause “incalculable damage” in a region where police officers are often targeted – a senior detective in the force only recently survived a murder attempt. The leaked data was available for more than two hours, published as part of a freedom of information request with no information immediately available as to the identity of the requester. PSNI Assistant Chief Constable Chris Todd apologised for the “simple human error”, which he described as “unacceptable”. Fortunately home addresses weren’t contained in the leaked data, but with the terrorism threat level increasing to “severe” back in March, the lives of staff and their families could have been put at risk.  (Financial Times)

'Successful' cyber attack on elections body put details of more than 40 million voters at risk

8/8

Last week the Electoral Commission revealed that it was targeted by a successful cyber attack, which allowed criminals access to reference copies of electoral registers containing the names and addresses of anyone registered to vote between 2014 and 2022. The attack was first identified back in October 2022, but the hackers had first accessed the Commission’s systems in August 2021 – meaning the unidentified criminals had undetected access for over a year. At the time of the initial attack, more than 43 million individuals were on the register; whilst the data for many of these people is publicly available on the open register, 28 million had opted out. The Information Commissioner’s Office has since stated that it is investigating. (Sky News)

Hackers from Russia and China breached Foreign Office systems

11/8

Reports have emerged that the Foreign Office’s emails and internal messages were breached by Chinese and Russian hackers in 2021, enabling threat actors to see the day-to-day business of the government department. Details of the attack were kept hidden from the public, with the attack failing to reveal classified information, but it raised concerns about the government's security measures. It is likely that the breach was caused by a staff member accidentally downloading malware contained within an email – inside sources from GCHQ and the Foreign Office stated that “government departments are culturally apathetic about security and particularly cyber security”, and that both Russia and China had access at the same time, with separate attacks. The sources also stated that the government was left not knowing “whether they should admit it or not”. (Metro)

Another police force admits data breach after staff salaries published

11/8

Following the news of the data breach at the Police Service of Northern Ireland, Cumbria Police have now revealed that they have also suffered a breach. The Force stated that on the 6th of March information about pay and allowances had been uploaded to its website following a “human error”, adding that the impact of the breach was “low” but that all affected individuals would be contacted. Removed immediately once identified, the leak contained names and job roles but included no other personal information, such as addresses and dates of birth. The breach was also referred to the Information Commissioner’s Office, which stated that no further action was necessary. (The Independent)

Attempted cyber attacks occur every second, and as we can see from the recent headlines, constantly change in nature. It's vital that your organisation is as protected as possible from all forms of cyber crime, so Contact Celerity to find out how we could protect your business!

Latest resources

Celerity Secures Spot on Crown Commercial Service G-Cloud 14 Framework to Drive Public Sector Digital Transformation 
News

Celerity Secures Spot on Crown Commercial Service G-Cloud 14 Framework to Drive Public Sector Digital Transformation 

Celerity is delighted to have been named as a supplier on the Crown Commercial Service (CCS) G-Cloud framework, with the latest iteration, G-Cloud 14, commencing on 9th November 2024 and running through April 2026.

Play your virtualisation cards right with Red Hat OpenShift 
Blog

Play your virtualisation cards right with Red Hat OpenShift 

If you’re the customer of one very large virtualisation vendor, you may feel like you’ve been dealt a pretty bad hand over the last few months. With the long-term impact of new licensing and support programmes up in the air, organisations are seeking guidance from IT service providers on how they can best plan for, and manage, their virtualised infrastructure going forward. 

💚 Celerity Goes Green: Supporting Marine Conservation with a Beach Clean 🏝️
News

💚 Celerity Goes Green: Supporting Marine Conservation with a Beach Clean 🏝️

Celerity has engaged with the Marine Conservation Society since 2024, to support their public Beach Clean events around the UK. MCS is the UK’s marine conservation charity, working to solve the climate crisis, protect marine wildlife and clean up our oceans.