UK’s Capita fined £14 million over 2023 cyber breach affecting 6.7 million people

Capita has been fined £14 million ($18.7 million) by the UK Information Commissioner’s Office (ICO) for failing to protect personal data during a 2023 cyberattack that compromised information belonging to 6.7 million individuals, the outsourcing firm said on Wednesday.

The company, which provides services to UK government departments and major corporations, said the fine was part of a settlement with the ICO. Capita had previously estimated that the breach could cost up to £20 million in financial damages.

The ICO report found that Capita failed to maintain adequate network protections, allowing unauthorized access and privilege escalation, and did not respond properly to early security alerts. The regulator said the case underscored the growing pressure on British companies to strengthen cyber defenses following major breaches at Marks & Spencer, Co-op, and Jaguar Land Rover.

“With so many cyber attacks in the headlines, our message is clear: every organization, no matter how large, must take proactive steps to keep people’s data secure,” said John Edwards, the UK’s Information Commissioner.

Capita said it has since introduced advanced cybersecurity measures and completed an internal overhaul of its digital infrastructure. “Following an extended period of dialogue with the ICO, we are pleased to have concluded this matter,” said CEO Adolfo Hernandez.

The firm expects a free cash outflow of £59 million–£79 million in 2025, up from previous guidance of £45 million–£65 million, but noted that all other financial targets remain unchanged.

According to the National Cyber Security Centre (NCSC), the number of “highly significant” cyber incidents in Britain has doubled year-on-year, reflecting growing systemic risks across the public and private sectors.

Qantas Confirms Customer Data Released by Hackers Months After Cyber Breach

Australia’s national airline, Qantas Airways, has confirmed that customer data stolen during a July cyberattack has now been released online by cybercriminals. The airline said it was one of several companies targeted globally in the breach, which compromised the personal information of millions of passengers.

In the July incident, Qantas revealed that over one million customers had sensitive data — including phone numbers, dates of birth, and home addresses — accessed by hackers. An additional four million customers had their names and email addresses stolen, marking one of the largest data breaches in Australia’s recent history.

Qantas said the data was stolen through a third-party platform and has since been published by the hacker group known as Scattered Lapsus$ Hunters after the company missed a ransom deadline. “With the help of specialist cybersecurity experts, we are investigating what data was part of the release,” Qantas said in a statement.

The airline also confirmed that an injunction remains in place to prevent the use or further distribution of the stolen information. The July attack is among the most serious since cyber incidents targeting telecom firm Optus and health insurer Medibank in 2022, which led to tighter cybersecurity laws in Australia.

Global regulators step up oversight of AI risks in finance

Global financial watchdogs are intensifying their scrutiny of artificial intelligence (AI) in the banking sector, warning that heavy reliance on shared AI systems could threaten financial stability. As the use of AI accelerates across global markets, regulators are moving to monitor systemic risks and strengthen their own technological capabilities.

In a report published Friday, the Financial Stability Board (FSB) — which advises G20 governments — said widespread adoption of the same AI models and infrastructure could create “herd-like behaviour” across financial institutions. “This heavy reliance can create vulnerabilities if there are few alternatives available,” the FSB cautioned, warning that such concentration could amplify shocks during market stress.

A separate study by the Bank for International Settlements (BIS) urged regulators and central banks to “raise their game” in monitoring and using AI. The BIS said authorities must not only understand AI’s potential to reshape markets but also adopt the technology themselves to improve supervision and data analysis.

The report comes amid an international race — led by the United States and China — to dominate next-generation AI tools and applications, including those that underpin financial services.

While the FSB said there is currently “little empirical evidence” that AI-driven correlations have directly impacted market outcomes, it warned that AI could increase exposure to cyberattacks and algorithmic fraud.

Some jurisdictions have already acted. The European Union’s Digital Operational Resilience Act (DORA), which took effect in January, establishes new rules for digital and AI-based systems used by financial institutions.

The emerging consensus among regulators is clear: AI promises efficiency and insight, but without vigilant oversight, it could become a new source of systemic risk in global finance.