Normal view

Received — 19 May 2026 Data and computer security | The Guardian

Canvas hack: is it ever a good idea to pay a ransom, and what happens to the data?

Businesses are advised against paying – but many are prepared to deal to protect users’ privacy

After a week of outages, hundreds of millions of students’ data stolen, delayed assignment due dates and school login pages being defaced by hackers, the US tech firm Instructure – which operates the education platform Canvas, used by education providers worldwide – announced it had “reached an agreement with the unauthorised actor” behind the ransomware attack.

Experts read the careful language as a sign that a ransom has been paid. The company has not confirmed this.

Continue reading...

© Photograph: Boonchai Wedmakawand/Getty Images

© Photograph: Boonchai Wedmakawand/Getty Images

© Photograph: Boonchai Wedmakawand/Getty Images

Received — 23 April 2026 Data and computer security | The Guardian

Booking.com warns customers of hack that exposed their data

Undisclosed number of names and contact and reservation details accessed in latest cybercrime attempt

The accommodation reservation website Booking.com has suffered a data breach with “unauthorised parties” gaining access to customers’ details.

The platform said it “noticed some suspicious activity involving unauthorised third parties being able to access some of our guests’ booking information”.

Continue reading...

© Photograph: CrocusPhotography/Alamy

© Photograph: CrocusPhotography/Alamy

© Photograph: CrocusPhotography/Alamy

Almost half a million Lloyds customers had personal data exposed in IT glitch

Letter from group published by MPs blames 12 March glitch on software update to its mobile banking apps

Lloyds Banking Group exposed the personal data of nearly 500,000 customers in an IT glitch that left people’s payments, account details and national insurance numbers visible to other users, a committee of MPs has revealed.

A letter from Lloyds, published by MPs on the Treasury select committee on Friday, blamed the glitch on a software defect introduced during an IT update to its Lloyds, Halifax and Bank of Scotland mobile banking apps overnight into 12 March.

Continue reading...

© Photograph: David Burton/Alamy

© Photograph: David Burton/Alamy

© Photograph: David Burton/Alamy

Crossbench MPs pressure Labor over gas export tax – as it happened

This blog is now closed

The pollies have been asked this morning whether people should consider working from home to save fuel, as conflict escalates in the Middle East.

Tehran has said it will “irreversibly destroy” essential infrastructure across the Middle East, including vital water systems, if the US follows through on Donald Trump’s threat to “obliterate” Iran’s power plants unless the strait of Hormuz is fully opened within two days.

This is like Covid style restrictions I think that are potentially being floated. I would not support that in any way, and I don’t think businesses would do so either …

If people can work from home and they want to and it works for their employers, fine, I think that’s terrific, but it doesn’t help small businesses. It certainly doesn’t help the truckers and the fishers and the farmers and the manufacturers and the miners that are relying on fuel supply.

Continue reading...

© Photograph: Mick Tsikas/AAP

© Photograph: Mick Tsikas/AAP

© Photograph: Mick Tsikas/AAP

Received — 1 February 2026 Data and computer security | The Guardian

Real estate agents in Australia using apps that leave millions of lease documents at risk, digital researcher says

Exclusive: ‘This is a blatant and disturbing disregard for the law and for people’s security,’ digital rights advocate says

Australian platforms used by real estate agents to upload documentation for renters and landlords are leaving people’s personal information exposed in hyperlinks accessible online.

An analysis of seven rent platforms provided to Guardian Australia by a researcher, who wished to remain anonymous, revealed millions of leasing documents could be accessed by threat actors.

Continue reading...

© Photograph: Carly Earl/The Guardian

© Photograph: Carly Earl/The Guardian

© Photograph: Carly Earl/The Guardian

Received — 11 January 2026 Data and computer security | The Guardian

‘Mortified’ OBR chair hopes inquiry into budget leak will report next week

Reuters news agency says it obtained document after visiting URL it predicted file would be uploaded to

The chair of the Office for Budget Responsibility has said he felt mortified by the early release of its budget forecasts as the watchdog launched a rapid inquiry into how it had “inadvertently made it possible” to see the documents.

Richard Hughes said he had written to the chancellor, Rachel Reeves, and the chair of the Treasury select committee, Meg Hillier, to apologise.

Continue reading...

© Photograph: Kirsty O’Connor/Treasury

© Photograph: Kirsty O’Connor/Treasury

© Photograph: Kirsty O’Connor/Treasury

Capita fined £14m for data protection failings in 2023 cyber-attack

Hackers stole personal information of 6.6m people but outsourcing firm did not shut device targeted for 58 hours

The outsourcing company Capita has been fined £14m for data protection failings after hackers stole the personal information of 6.6 million people, including staff details and those of its clients’ customers.

John Edwards, the UK information commissioner who levied the fine, said the March 2023 data theft from the group and companies it supported, including 325 pension providers, caused anxiety and stress for those affected.

Continue reading...

© Photograph: Dado Ruvić/Reuters

© Photograph: Dado Ruvić/Reuters

© Photograph: Dado Ruvić/Reuters

Louis Vuitton says UK customer data stolen in cyber-attack

Lead brand of French luxury group LVMH reassures customers financial data such as bank details were not taken

Louis Vuitton has said the data of some UK customers has been stolen, as it became the latest retailer targeted by cyber hackers.

The retailer, the leading brand of the French luxury group LVMH, said an unauthorised third party had accessed its UK operation’s systems and obtained information such as names, contact details and purchase history.

Continue reading...

© Photograph: SOPA Images/LightRocket/Getty Images

© Photograph: SOPA Images/LightRocket/Getty Images

© Photograph: SOPA Images/LightRocket/Getty Images

Ofcom closes technical loophole used by criminals to intercept mobile calls and texts

Regulator acts on leasing of ‘global title’ numbers after industry efforts to tackle problem were ineffective

The UK communications regulator Ofcom is banning mobile operators from leasing numbers that can be used by criminals to intercept and divert calls and messages, including security codes sent by banks to customers.

Ofcom said it would stop the leasing of “global titles”, special types of phone numbers used by mobile networks to support services to make sure messages and calls reach the intended recipient.

Continue reading...

© Photograph: Andy Rain/EPA

© Photograph: Andy Rain/EPA

© Photograph: Andy Rain/EPA

❌