Cyber Newsround 2018

2018 promises to be another year where the aggressors and defenders come face to face in the on-going cyberspace war. Cyber Newsround aims to bring the stories so that they can be shared with readers.


30th December 

Hackers have targeted a number of major US newspapers including the Los Angeles Times and the Chicago Tribune which has resulted in printing and delivery disruptions.

It is believed that the attack was carried out from outside the US and was a virus that affected the back office systems used to publish and produce newspapers.

From the investigations carried out to date it does not seem that subscribers data has been compromised during the cyber attack.

26th December

Hackers have managed to access a number of Twitter accounts of celebrities in an attempt to highlight alleged online security issues. The celebrities affected were understood to include Eamonn Holmes and Louis Theroux.

The security dangers are understood to be that of having a telephone number associated with a Twitter account.

This issue has been highlighted in the past and the hack was again there to highlight these issues and the potential seriousness that could lead to a loss of personal data.

20th December

Following in close suit to the ICO the French Data Protection Agency has also now imposed a fine on Uber of 400,000 Euros asa result of their 2016 data breach which exposed the data 57 million clients and drivers. The Netherlands equivalent agency have also imposed a 600,000 Euros fine.

15th December

Chinese hackers are targeting the US Navy by accessing contractors to take anything from ship maintenance data to missile plans.

A number of significant data breaches has taken place over the last 18 months with sensitive being obtained by hackers concerning military technology. This has included plans to build a supersonic anti-ship missile to be used by US submarines.

It is also understood that US universities have been targeted with military research laboratories for use by the Navy.

13th December

Italian oil services firm Saipem which is one of the world’s largest subsea and construction firms have suffered a hacking attack to approximately 300 of their computers which is believed to have been as a result of the Shamoon virus. The attack hit servers in the Middle East , India , Aberdeen and Italy. The firm has stated that they are in the process of fully restoring their computer systems.

The Shamoon virus has established itself as a ruthless virus that can cripple businesses causing damage and disruption. It overwrites a file know as a master boot  making it very difficult for computers to start up.

It is understood that no data was stolen and it is not know who was behind this attack but it is suspected that it may have been Iran.

6th December

The question and answer website Quora has been subject to a significant cyber attack whereby users e-mail addresses , names and addresses and passwords have been compromised. It is also understood that the hackers have accessed questions and answers that.

The estimated number of users affected is 100 million and the company is currently investigating the breach with the help of forensic investigators.

It is not yet known who was behind the attack and what the motive may have been.


30th November

The hotel group Marriot International has been subject to data breach that is believed to have affected 500 million of their customers. The attack focused on the guest reservation database of its Starwood division where it is believed that a hacker has had access to the computer network since 2014.

The hacker is believed to have encrypted the stolen personal details from the Marriot website so as to avoid detection by loss prevention tools when the information was taken from their network, the process it seems was not yet completed.

It is understood that customers are being notified where such personally identifiable has been compromised and believed to a combination of names . addresses , telephone numbers email addresses date of birth and arrival / departure details. Encrypted payment card information of some customers have also been taken.

The group have set up a designated website so that affected customers can obtain assistance with the data breach.

The ICO has received a data breach report from the hotel group and it is likely that they will investigate further in the coming weeks. The ICO now have invested in them the ability to issue substantial fines in these circumstances and it will be interesting to see how this plays out with this being the largest data breaches since GDPR came into force in May this year.

This data breach is not the largest ever record but ranks alongside that of Equifax , Yahoo and Target in recent years.

27th November 

The ICO has announced that it has fined Uber’s European operation £385,000 as a result of their data breach in November 2016 which impacted three million UK users.

In a statement by the ICO the breach was caused by inadequate information security and compounded by the US’s decision not to disclose the matter and rather pay the ransom demand of $100,000 made by the hackers. Uber also did not follow the recognized procedure of its’ bug bounty program and paid an outside  hacker as opposed to the real bug bounty recipient. None of the individuals affected by the breach were notified and accounts were only monitored for fraud some 12 months later.

Uber US were also ordered in September to pay $148,000,000 for failing to notify their own drivers of the data breach.

22nd November

A fashion show in Shanghai organised by Dolce and Gabbana has been cancelled due to a hacking attack on their social media account.

Derogatory comments were placed on on their official social media accounts relating to racism. The personal Instagram account of Stefano Gabbana was also compromised.

Dolce and Gabbana have apologized and regret any distress that this may have caused.

20th November 

The TalkTalk hack that took place in October 2015 now looks to have finally have reached its’ conclusion with two individuals being sentenced for a combined period of 20 months for their involvement in the attack.

It is understood that the hackers caused TalkTalk a total of £77,000,000 which included an ICO fine of £400,000.

The forensic analysis carried out by BAE Systems showed that there may have been a further 10 individuals involved but noone else has been arrested.

19th November

Vision Direct has revealed that customers personal and financial data has been compromised. The actual attack took place earlier in the month but has only just been announced. The details include names , addresses,e-mail addresses credit card numbers with expiry dates and CVV.

The breach has now been resolved but it is not know how many customers may have been affected by this. So far their have been limited incidences of fraud being carried out.

The type of breach is thought to be not dissimilar to that carried out on British Airways where hackers install a card skimmer on a website and skim data as users type it as opposed to stealing information from a database.

14th November

It has been announced that 250,000 credit card details of customers impacted by the British Airways in the August data breach could have generated near £10,000,000 for Russian hackers on the dark web. The attack was reputably carried out by the Russian group Magecart..

The value of the cards is higher than is normally expected with European credit card details fetching above average prices. Money is made by the hackers by the selling of skimmed payment data on a “dump and credit card shop” basis.

The feedback from British Airways is that there seems to be no know incidences yet of fraud but this could of course change in the coming months. The ICO is still investigating the breach.

2nd November 

FIFA have fallen foul of a phishing attack that may lead to leaks of confidential information. It is believed that the actual incident took place in March of this year. The information obtained is understood to have been sent to Football Leaks which could now be revealed into the public domain.

The Radisson Hotel Group has announced that its reward system database has been subject to a data breach. Names and addresses of individuals has been compromised but no password details were accessed by the hackers.


30th October

Eurostar has asked all its customers to reset their passwords as a result of an unauthorised attempt to hack into its computer systems.

No credit card or other payment card data was taken as this type of information is stored elsewhere. It is is not know how many customers were impacted by this incident but the ICO have in any case been notified of this matter.

A survey carried out by the law firm RPC has revealed that fines issued by the ICO have increased by 24% over the past year. The average fine is now just under £150,000.

The three largest fines during the year were Equifax – £500,000 Carphone Warehouse – £400,000 and The British and Foreign Bible Society – £100,000. All fines related to the failure to the appropriate procedures in place to protect the personal data of its customers / users.

25th October 

Cathay Pacific has revealed that it  has suffered a significant data breach  as a result of unauthorised access of the personal data of 9.40 million passengers.

The information included passport numbers, identity card numbers, credit card numbers and frequent flyer membership numbers.It is understood that no passwords have been compromised. The airline have also advised that no flight information systems were affected.

The Ukraine Foreign Ministry  has revealed that that they are subject to a cyber attack at least once a week. This highlights the dangers to government related bodies and that they are looked upon as prime targets for hackers as they are high profile organisations with access to confidential data.

24th October 

The court of Appeal have dismissed an appeal against the High Courts decision that Morrisons were vicariously liable for the actions of an employee who stole data of fellow employees from the company after being disgruntled by his treatment as a result of disciplinary action .

Morrisons were found liable despite having appropriate systems and procedures being in place that met the current data protection regulations at the time.

This is a landmark case which could see further class actions being made against corporate organisations where there is a data leak within the buinsess.

16th October

A survey carried out by the firm BSI has revealed that many businesses within Europe are unprepared for a data breach. The research also announced that almost 40 percent of businesses has been subject to a data breach in the last year and that many felt that their cyber security was a real concern to the business.

A leading observation is that businesses need to be more advanced in their methods of managing their cyber security posture and install more preventative methods centered around training and educations.

8th October

A report from the Department of Health announced that the WannaCry cyber attack last year costs the NHS £92 million and that 19,000 hospital appointments were cancelled. A third of all NHS trusts and 8 percent of doctors practices were affected.

The report also stated that the Department of Health had continued to invest in cyber security and improved IT infrastructure investing £60 million this year alone. The Government have also committed £150 million to upgrading its technology systems. The NHS have additionally agreed to upgrade to Microsoft Windows 10 for all of its IT systems.

1st October 

The Financial Conduct Authority (FCA)has imposed a fine on Tesco Bank of £16.40M as a result of the cyber attack that it suffered in 2016 where customers data was compromised.

The investigation carried out by the FCA found that Tesco Bank had failed to exercise due skill care and diligence in protecting their customers data. The hackers stolen in the region of £2.26M.

It was felt that Tesco did not address the cyber attack with the seriousness that it deserved and that their users should not have been subject to the ensuing data breach. It was also ascertained that the Tesco’s debit card contained deficiencies and that the financial crime  controls were not at the expected level.


28th September 

Facebook has announced that a  hacker has breached their site gaining access to 50 million users accounts. This was apparently caused by three bugs which were discovered by the Facebook IT security team.

The reason behind the attack was understood to steal OAuth bearer tokens which prove the Facebook user is the rightful owner of an account but also allows visibility to what they have access to and have the potential to unlock other accounts of the user where the user utilizes Facebook credentials.


Facebook have now advised that it appears that the number of affected individuals is nearer to 30 million rather than the 50 million originally indicated.

A full investigation is under way so that it can be determined what information has been accessed.

28th September 

San Diego port has been subject to a ransomware attack after malware had managed to get into their computer systems. It is understood that this did not however impact on ships and boats that were using the port.

A full investigation is underway involving the FBI and Homeland Security. The main impact was on the administrative operations of the port where park permits are issued and general business services are provided. A number of computers were shut down in an effort to stop the ransomware attack spreading which impacted on the operation of the port. A ransomware demand was made in bitcoins but it is not known how much was requested.

19th September 

It has been revealed that Premium Credit has suffered an outage which is suspected to be as a result of a cyber attack by hackers.

Premium Credit has been off line for four days and was still struggling to get back the full use of its computer systems much to the frustration of its users in particularly the insurance broking sector who rely on this for the financing of insurance premiums.

It has been claimed that no data breach has occurred and that clients data have not been compromised.

17th September

Bristol Airport has had to take its’ flight screens offline for two days as a result of a cyber attack. The electronic screens have temporarily replaced with wipe boards with additional staff being drafted in the assist with the situation.

No flights have been affected with the airport being able otherwise to operate normally.

The attack is believed to have been a ransomware based attack. The ransom was not paid with the technology team rebuilding the systems that had been infected. It is not believed to have been a targeted attack but more of an opportunistic hacker taking advantage of vulnerability in the airports’ computer systems.


24th August 

Iranian hackers are believed to have targeted universities in the UK to steal secret research. Several  attacks have been identified as emanating from Iran with the specific aim of accessing unpublished research that contains intellectual property.

The group behind this thought to be the Cobalt Dickens group. Other universities around the world have also reported similar intrusions.

The attacks are carried out by the creation of a false website with a login page , once logged in the user is redirected to a legitimate website unbeknown to them that they have given their details away to the hackers.

24th August 

T-Mobile has been hit by a significant data breach which has impacted on 2 million of their customers. It is however understood that no financial data stolen or passwords compromised.

There are no further details available at the moment and a full investigation is being undertaken to ascertain how the breach took place and how the hackers gain access to the data.

23rd August

It is understood that the personal information of many Eir customers could be at risk as the result of a laptop being stolen from one of their employees.

The information that may have been exposed relates to names addresses phone numbers and account numbers of customers.

Customers have been advised of this data breach.

22nd August

Superdrug has warned customers that 20,000 of them may have had their data compromised as a result of a cyber extortion attack. In view of this Superdrug are advising their customers to change passwords.

It is believed that customers e-mail addreses and passwords that were stolen from other websites were used to access the Superdrug website.

The ICO have been advised in accordance with GDPR regulations.

This again demonstrates the need to have unique passwords for different logins to access online accounts particularly where sensitive details can be compromised.

14th August

Instagram users have noticed that they are being logged out of their accounts and once they tried to get back in their handle and photo had been changed together with their e-mail address and phone number connected to the account. Password resets were attempted unsuccessfully.

It is not clear how the attack took place but it is likely to be a co-ordinated attack on the social media website.

13th August

Butlins has been hit by a data breach with personal details such as postal addresses and holiday arrival dates been stolen. It is believed that the data was assessed via phishing attack which was reported within 72 hours to the ICO with the GDPR requirements.

It is believed that 34,000 customers were impacted by the data breach.

13th August

A hacker has exposed approximately 10,000 passwords of care homes and hospital staff. Embrace Learning , an on-line training business was hacked in 2016 where e-mail addresses and passwords were compromised and sold on-line on the dark web. a number of NHS Trusts and hospitals were also affected.

This is a good example of a hack taken place a number of years’ with the consequences only just coming to light.

9th August

It is understood that the PGA Championship servers have been hacked locking a number of files. The files impacted related to marketing materials connected with the tournament and the Ryder Cup to be held in France.

A bitcoin address was provided but no amount was specified, the hackers carried out a ransomware attack and offered to unlock the files to prove that they could unlock them.

It is not know who carried out the attack but the timing suggests that the hackers wanted this to have the maximum impact before the tournament took place.

5th August

An RAF airwoman’s dating profile on Tinder has been hijacked by a spy who then made contact with another RAF servicewoman to obtain details of the F-35 stealth fighter. The source of the hack has not yet been ascertained but the suspected countries are likely to be China or Russia.

The RAF have advised that no confidential information relating to the fighter were obtained.


23rd July

The largest healthcare provider in Singapore, SingHealth has been subject to a very significant cyber attack where data has been stolen affecting many individuals including the Prime Minister Lee Hsiang Loong.

The data stolen appears to be non-medical personal information including names,addresses,dates of birth and identity card information.Further details of how the breach occurred are still awaited.

A police investigating is underway and concerned individuals have a helpline that they can call to see if they have been impacted by this possible compromise of their personal data.

11th July

Timehop has announced that they have suffered a data breach where personal data of 21 million users have been compromised. Users have had their names and e-mails stolen with a smaller percentage also having their phone numbers accessed.

The original attack apparently took place after Timehop’s cloud environment was accessed via compromised admin credentials.

It is understood that no financial details were stolen, data stolen has also affected European users as well as those in the US.

4th July

Fortnum and Mason , the high end department store have suffered a cyber attack which has led to the leaking of the personal data of many of their customers.

The attack was gained via their website which contained a survey form of whom 23,000 people completed disclosing data that included phone numbers and addresses but it is believe that any personal information was disclosed.

The firm that conducted the survey was Typeform and it is understood that a third party hacked into their database gaining access to this information. Fortnum and Mason have now removed any links to Typeform and will only reintroduce these once improved security procedures are in force.


29th June

It is understood that the sportswear maker Adidas have suffered a hacker attack whereby customers have had personal information been stolen from the US website.

The type of information exposed was names and addresses , e-mail addresses and encrypted passwords but no personal financial details were compromised.

The company has as of yet not provided any further information of the data breach until a full investigation has been carried out.

28th June

Ticketmaster has announced that it has suffered a security breach whereby customers personal information and payment details may have been compromised.

It appears that a third party customer support service chat application may have lead to the data breach. It is not know the number of customers that may have been affected but it is perceived that thousands of Ticketmaster’s customers could have been impacted by this. It is however understood that a significant number of UK customers have been affected.

An investigation is underway as to how the data breach occurred and customers have been offered free 12 month identity monitoring service.

28th June

It has been revealed that hackers have exploited a vulnerability in a web app on a server managed by FastBooking whereby names, e-mail addresses and payment card data from guests at many hotels are likely to have been exposed. Malware was installed which enabled the personal details to be accessed.

Fast Booking works with 4,000 partner hotels in a 100 countries but despite this but only a small element of the hotels have been affected which is believed to be that of Japanese customers data.

21st June

Tesla , the car manufacturer have filed a lawsuit against a former employee accusing them of hacking the company’s computer systems which resulted in leaking trade secrets to the media and information to other third parties.

It is believed that the motive behind this attack is revenge as the employee wanted a promotion whereby he was overlooked. The make-up of the hack appears to be that typical of an insider attack where false usernames were utilized with higher privileged access.

As with any data breach, management of the fallout is always difficult with adverse publicity likely to follow such a high profile company as Tesla.

20th June

A study by Shred-it has revealed that nearly a third of UK businesses that have suffered a data breach have terminated an employee’s contract for related negligence.

The study also shows that employees can have a significant role in a data breach which firms are now very much alive to and that they should place emphasis on robust cyber security procedure and training.

A lack of GDPR training of employees was also discovered and that GDPR compliance within UK businesses was very patchy.

Working remotely also was found to be a danger to potential data breaches by employees.

20th June

Bithumb , the Seoul based crypto – coin exchange has announced that hackers have stolen £24m of bitcoins. This is the second time  in the space of a year that they have suffered a cyber attack.

An investigation is underway to ascertain the precise cause of the attack .

The incident has been reported to the relevant regulatory authority in South Korea.

12th June

Ahead of the World Cup in Russia the Football Association has been warned by GCHQ that they do need to secure its devices and data as it is conceivable that hackers may try and steal their tactics.

8th June

The ICO has fined the British and Foreign Bible Society £100,000 as a result of their computer network being breached following a ransomware attack in 2016.

It is believed that 417,000 individuals were at risk from their personal date being compromised with a number of these potentially having their bank payment cards being at risk.

The investigation by the ICO determined that their was insufficient protection under their internal networks for card users making donations to the Society. There was in appropriate remote access and passwords were far too easy to guess and therefore possible to change .

The Society has now undertaken appropriate action in order to improve their cyber security processes and procedures.

7th June

The monitors at the Tabriz International Airport in Iranian have been subject to a cyber attack by hackers where protests in support of the strike of Iranian truck drivers were posted.

The group claiming responsibility are this attack are Tapandegan (Palitaters) with promise of further attacks.

It is understood that the monitors had to be shut down in order to resolve the attack, no further information was made available by the airport.

1st June 

Visa has suffered a major system failure which is not currently thought to be as a result of “any unauthorized access or malicious event”

Customers have been stuck in long queues in high street stores waiting for transactions to be processed. Card payments were being denied once such case were car owners being able to pay tolls at the Severn Bridge.

This was not confined to the UK and many other parts of Europe were impacted by this glitch. It is not know if customers personal data has in any way been compromised.

This is the third case in the last month where computers systems have failed causing severe disruption, the others being TSB plc and Worcester Bosch.


30th May

It is believed that British businesses are now facing higher ransom demands as the result of ransomware attacks with figures of between £100,000 and £200,000 being requested.

Previously demands were normally seen for a few several hundred pounds or bitcoins which is the currency that such demands are made in. These are now becoming much more meaningful sums and increasing the financial consequence on businesses in the event of a cyber attack.

29th May 

It is believed that thousands of computer routers connected to US homes and businesses may have been compromised by foreign hackers believed to have emanated from Russia, the FBI has recently warned. The malware in question may have gained access to personal data and impacted on websites.

As a result of this the FBI are advising owners of small office or home routers to reboot straight away and to update their logins with new passwords. They also advise to ensure that security updates have been implemented on their routers.

15th May 

With GDPR around the corner cyber criminals are taking advantage of businesses who are advising their customers of privacy policy updates.

E-mails are being sent to unsuspecting customers in order to fool them in sharing their personal data or financial information. Phishing attacks are also taking place that requests customers to divulge their credit card details.

It is therefore important to be even more vigilant in the period to the run of GDPR.

15th May 

Worcester Bosh may have suffered a data breach which could have inadvertently revealed customers addresses.

This is the result of another IT system software swap issue which caused thousands of e-mails with customers personal details to be sent out by accident.

A full investigation is taking place.

11th May 

Hackers attempted to knock Israeli out of the Eurovision song contest over the weekend.

The cyber attacks were aimed to block individuals voting for the Israeli contestant which was carried out by over loading on-line applications which count as votes the singer.

The group who carried out this attack are known as the “Eurovision Boycott of Israel” using the hashtag ~ZeroPoints Israel and called for individuals not to vote for Barzilai stating that a vote for the singer is seen as a sign for the support of the State of Israel.

3rd May

Twitter has advised all of its 330 million users to change their passwords after it has been discovered that a bug has exposed then in plain text.

Whilst there is no evidence that the passwords have been used and unmasked, this suggested course of action is purely as aprecaution. This also includes third party apps such as Twitterrific and TweetDeck.

It is understood that the bug was as a result of an issue in the hashing process that masks passwords by replacing them with a random string of characters that are stored on the Twitter computer system. Passwords were however saved in plain text to an internal log instead of masking with the hashing process.

2nd May 

TSB have suffered a major computer glitch that has resulted in customers being unable to access their bank accounts making it difficult to make payments , pay bills and in some instances businesses have been unable to make salary payments.

TSB are in the progress of migrating to a new computer systems following their purchase by Banco Sabadell in March 2015. It is the integration of Proteco4UK that has caused these issues where TSB have previously largely dependent on the inherited Lloyds Banking Banking Group system.

The problems may have stemmed from the fact that conversion of the systems , the data and the interface accessing the data were not tested prior to going on-line – a view held by t he University of Kent’s School of Computing. It is believed that the project was already running late with financial pressures. It is feared that as customers data could be assessed by individuals in ways that it should have not been possible, data may have  been compromised although there is no evidence of this .

IBM have since been bought in to deal with this issue but to date the problems still exist.

The aftermarth of this will no doubt be felt by the bank for some time to come, with complications such as missed paydays and loan repayments and overdue credit card bills.

The FCA will be carrying an investigation , the incident has also been reported to the ICO who have the power to issue fines where a data breach has taken place, these fines will be increasing when GDPR come into force later this month.

1st May 

BMW has stated that it is powerless to prevent criminals from hacking into their cars after the launch of its latest keyless models were announced and that it would not accept any responsibility for this.

These comments were made to a customer in Surrey whose keyless car was stolen from their driveway.

BMW said that it does work constantly to design the best security systems in cars and work in conjunction with the police and other authorities in order to achieve this.


30th April

The Department of Health announced that $150 million will be spent on NHS cyber security which will involve  a new multi-million Microsoft security package that will provide the most up to date software and the latest security settings.

This will remove unsupported Microsoft systems that currently exist in the NHS with the intention to improve resilience against future cyber attacks. This represents a further injection of money following the £60 million that was invested last year.

Additional finance will also be provided in order to upgrade firewalls and network infrastructure at major trauma centre hospitals and ambulance trusts. A Data Security and Protection Toolkit will also be made available in order that specific standards can be met and improve the protection of patients data.

21st April

Ciaran Writing , the head of GCHQ has stated that it is a matter of “when not if” Britain faces a “serious cyber attack” The current focus is building resilience in “the systems that we care about” such as power and water supplies , internet and transport networks and the health service.

It is believed that senior representatives within these sectors have attended intelligence briefings at the National Cyber Security Centre concerning “attack vectors” being utilized by Russia to target Britain’s critical infrastructure.

20th April

A recent survey carried out by the financial crime prevention organisation Cifas has revealed that 500 bank customers a day are having their identities stolen in order to take out loans , mortgages and credit cards. This is understood to be a 125% increase compared to ten years ago.

The increase is perceived to be the focus on “soft targets” whereby loans , mobile phone contracts and car insurance policies are being taken out in victims names as opposed to setting up bank accounts which now have tighter security. These details are obtained via the hacking of e-mail accounts or buying these on the dark web where personally identifiable information is readily available at a nominal price.

Many individuals only find out that they have been victim of fraud when they receive their credit card statement or they try to purchase and item and their credit rating has been downgraded.

It is understood that regionally London has the largest number of identity frauds with 50,330 in 2017.

11th April

Hackers have gained access to 1,000 customer accounts of Great Western Railway, it appears that personal data has only been compromised with no bank details being exposed by the attack as this was protected by encryption.

The Railway have managed to shut down the attack and have asked the affected customers to change their passwords. Access seems to have been possible as a result of passwords being harvested from other sources as the login success was very low.

Details of who may have undertaken the attack are as yet unknown.

9th April

North Bristol NHS Trust has been subject to an attempted cyber attack on 800 of their staff e-mail accounts. The phishing attack took place in February but the cyber security team identified this at a very early stage. This prevented a wide scale compromise of the staffs’ personal details that may have been available if their e-mail accounts had been accessed.

8th April

It has been revealed that Conservative MP Kemi Badenoch has admitted  hacking into a Labour MP’s website as a prank. The website content was changed to say “nice things about the Tories” but it has not been announced whose website that was compromised.

6th April 

Facebook has announced that it had “improperly shared” the personal data of 87 million Facebook users with the British data analytics business Cambridge Analytica. This information was used without the users’ consent in order to assist with Donald Trumps 2016 Presidential campaign. It is understood that approximately users in Europe have also have been implicated with one million in the UK and 310,000 in Germany.

The European Commission is meeting with Facebook in order to investigate stating that “the unauthorized  access to and further misuse of personal data belonging to Facebook users was unacceptable”

Facebook plan to advise their users if their data was shared with Cambridge Analytica and will advise the apps used to share this information and the information that was revealed.


The Information Commissioners Office (ICO) has subsequently fined Facebook £500,000. This the maximum fine that the ICO could impose prior to GDPR coming into force.


30th March 

Under Armour have had its MyFitnessPal app hit by a security breach that has affected 150 million users. First awareness of the breach was apparently know on 25th March and customers have been advised to change their passwords.

It is understood that the information impacted includes usernames,, e-mail addresses and hashed passwords but not credit or bank card details that were not stored on the app.

An investigation is under way and the appropriate law enforcement authorities have been notified.

29th March

Lazio, the Italian football team have seemingly been subject to an e-mail scam and have paid two million euros of the last installment of the transfer for Stefan de Vrij from Feyenoord in the Netherlands. The football  club paid the remaining money into  the wrong bank account which has now been located but is not connected to Feyenoord.

29th March 

The Northern Irish Assembly have been hit by a series of cyber attacks whereby their e-mail system has been targeted by hackers – it is understood that the attempts made were unsuccessful. A full investigation is under way and staff have been requested to change their passwords and be vigilant when opening e-mails.

26th March

UK Anti-Doping has revealed that it has been targeted by a cyber attack in the last few days. It is understood that no computer systems were compromised with no data lost or corrupted.

It is unknown who carried out the attack but the Russian backed hacking group , Fancy Bears have been behind previous attacks on athletes medical data from the World Anti-Doping Agency.

16th March

Camelot announced that they have suffered a “low level” cyber attack that affected 150 customer accounts. As a result of this Camelot have asked all of its customers to change their passwords.

It is believed that hackers obtained users credentials from a list circulated on the internet in order to access these accounts. The hackers were only able to access limited information and no bank details were compromised. This type of attack is known as a“credential stuffing” attack using a list of passwords that already existed on the internet.

The ICO has been advised of this as have the National Cyber Security Centre.

10th March

Cyber security developer Sonic Wall has revealed that it had observed 2,500 different variants of ransomware being targeted at British businesses since the beginning of the year this was an average of 38 new attacks per day.

These new strains of virus’s are proving to be far stronger than before and are becoming more sophisticated as they circumnavigate the cyber defenses of businesses in the UK.

8th March

Scotland Yard have announced that Londoners are loosing upon average £26M a month as a result of cyber attacks on businesses and individuals. 3,500 victims of cyber fraud are recorded in London each month from phishing to ransomware attacks.

The biggest vulnerability is people themselves who are not educated in cyber risks or employees in businesses who have not been trained in potential cyber attacks that they can encounter.

1st March

Germany’s government IT network is being subject to an “on-going ” cyber attack which is believed to been carried out by the Russian hacking group Fancy Bear that is linked to Russia’s GRU military intelligence agency.

The governments’ internal communications network was targeted with malware and but is now understood that this has now been isolated and is under control.

The German government suffered a similar attack in 2015 which again was believed to have been carried out by Fancy Bear.


12th February 

The Winter Olympics website was taken offline as a result of a cyber attack just before the beginning of the opening ceremony in Pyeongchang , South Korea. It is understood that tv and internet were also affected, all operations were it is believed restored within 12 hours.

It is not known who carried out the attack and an investigation is on-going, suspects are possibly the countries of Russia and North Korea.

11th February 

Over 4,000 websites have it is believed been affected by a hacker with malware that takes control of computers to mine cryptocurrency. As a precaution the ICO took down its own website as fears grew that it might have been compromised.  The code has now been disabled and users are no longer at risk.

The source of the attack was a website plug-in called Browsealoud which is use to assist blind people to access the web. The product was affected for 4 hours by a malicious code designed to generate the cryptocurrency Monero.  Once one website is impacted it can infect thousands.

The hacked script was also found on the websites of Student Loans Company , Barnsley Hospital and many other websites throughout the UK and around the world.


22nd January

Age UK have suffered two different data breaches both of which were unrelated and occurred last year.

The matter has been reported to the ICO who are investigating which involved current and former staff. The first incident related to e-mails being sent to an unsecured website outside of Age UK . The second incident was a data breach bought about by two employees having their e-mail adresses beung hacked and sensitive information being sent outside of the charity.

It is not known how many people have been affected but all individuals have been advised of the data breach.

19th January 

It has been announced that 40,000 customers of OnePlus on-line payment system have been affected by a credit card breach. Customers have suffered from fraudulent transactions taking place on their accounts from which it is understood was a result of a hacker accessing their systems from between the middle of November last year and up to 11th January this year.

The hacker gained access by injecting a malicious script into their computer systems onto the payment page which allowed access to users credit card details whilst they populated these in making payments. This enabled the hacker to capture all the relevant details of the users credit cards.

An investigation is underway  and OnePlus are notifying all affected credit card users. It is likely that they will also offer the users impacted by the breach a years’ free subscription of credit monitoring.

10th January 

Carphone Warehouse has been fined  £400,000 by the ICO as a result of a data breach that took place in 2015.

Hackers managed to gain access to the personal data of 3,00,000 customers and 1,000 employees , this fine is the same amount as that suffered by Talk Talk in the same year. The data breach affecte Carphone Warehouse’s on-line division which operates the websites of, and

The hackers gained access using login credentials which enabled them to compromise the computer system as it was possible due to the fact that out of date WordPress software was in place.

Carphone Warehouse have apologized for the incident and have sought to improve their systems and procedures.

8th January

Hackers are planning to target the Winter Olympics in South Korea next month.

McAfee have discovered a hacking campaign that started in December last year which appears to be a nation state sponsored cyber attack. The targets have so far been the ice hockey teams and ski suppliers where e-mails claiming to be from South Korea’s national counter terrorism council have contained malicious code which if opened would create a hidden back channel inside the computer which the attacker could take advantage of at a later date.

Once the hackers have gained access this would allow further access within any part of computing network that is connected for the hackers to compromise systems and steal data or to cause with disruption to the event.

8th January

Two vulnerabilities have been discovered by Google called Meltdown and Spectre announcing that these have been in existence in processors since 1995. This follows on from an earlier discovery also reported today concerning Intel CPU’s

These are bugs that can be exploited to steal data which is currently processed in computers, this can include passwords , personal photographs and e-mails.

The code name of Meltdown has been called this because of its’ ability to melt security boundaries which are normally protected by hardware. Whilst Spectre is much harder to managed and is named as it is the root cause for speculative execution. This is a basic optimization technique that processors use to carry out computations for data they “speculate” may be of use in the near future.

Investigations have shown that ultimately these issues are hardware issues that will require firmware patches and software fixes but they will not be easy to discover. Desktops are mostly likely to be affected , with mobile devices this has not been assessed yet but patches will be available.

Google believe that CPU’s going back to 1995 will be impacted by these bugs…..

2nd January

Seafood Shack, a restaurant in Cardiff was subject to a cyber attack which resulted in it being closed for 6 months.

Bookings were cancelled without their knowledge which impacted on trade leaving the restaurant with losses of almost £100,000 from November to December. The owners of the restaurant discovered that 265  evening party bookings had been deleted from their on-line booking system.

The incident was reported to Action Fraud who are investigating this with the outcome awaited.