Tag Archive for: british

Carpetright is latest British business to be hit by cyber attack as hackers target company HQ to affect hundreds of customer orders

/in


  •  Hackers targeted the company HQ in Purfleet, Essex on Tuesday



Flooring chain Carpetright is the latest British business to be hit by a cyber attack affecting hundreds of customer orders. 

Hackers targeted the company HQ in Purfleet, Essex on Tuesday, sending malware to gain unauthorised access. 

Carpetright’s network was taken offline due to the cyber attack but bosses insist that the virus was isolated before any data was swiped. 

However phone lines are still down with callers met with the automated message ‘Thank you for your patience while we work on a solution’.

Staff and hundreds of customers were affected by the malicious virus with employees reportedly unable access their payroll information.   

Flooring chain Carpetright is the latest British business to be hit by a cyber attack affecting hundreds of customer orders (file pic)
Hackers targeted the company HQ in Purfleet, Essex on Tuesday, sending malware to gain unauthorised access (stock photo)

A source told The Sun: ‘Some staff networks were taken down including the portals that workers use to book time off and look at payslips.

‘It happened abruptly and was worrying because customers couldn’t get through to helplines.

READ MORE: Hackers publish NHS patients’ data after cyber attack including names, addresses and medical conditions – as they vow to post thousands more unless ransom is paid

‘Everything at HQ was taken offline as that was the best way to stop the attack spreading to customer data.’

A spokesperson for Carpetright said: ‘We would like to apologise for any inconvenience caused.

‘We are not aware of any customer or colleague data being impacted by this incident and are testing and resetting systems, with investigations ongoing.’

The cyber attack at the flooring chain comes after hackers managed to access a ‘small number’ of patients’ data last month. 

Ransomware group – INC Ransom – targeted NHS Dumfries and Galloway and claimed it was in possession of three terabytes of data from NHS Scotland.

A post on its dark web blog included a ‘proof pack’ of some of the data, which was…

Source…

Ransomware cyber attack on British Library ‘set to cost £7m’

/in


In a post to X, formerly Twitter, the institution said at the time: “We’re continuing to experience a major technology outage as a result of a cyber-attack. This is affecting our website, online systems and services, as well as some onsite services too.

Source…

Rhysida ransomware group lists British Library data for sale

/in


Rhysida ransomware group lists British Library data for sale

Following the confirmation that the major outage it has been suffering since last month was the result of a cyber attack, data belonging to the British Library is reportedly for sale by the Rhysida ransomware group.

The threat actor posted a low-resolution image to its leak site with sample data, including passports and employment documents.

“With just seven days on the clock, seize the opportunity to bid on exclusive, unique, and impressive data,” the ransomware group said on its leak site.

“Open your wallets and be ready to buy exclusive data.

“We sell only to one hand, no reselling, you will be the only owner.”

Rhysida held an auction to sell the stolen data, with the deadline for bidding ending on 27 November at 8am UTC.

The British Library is yet to confirm that the claims made by Rhysida are true, but it has taken to X (formerly Twitter) to say that its services are still down and that it is aware that some data was stolen.

“We’re continuing to experience a major technology outage as a result of a cyber attack, affecting our website, online systems and services, and some onsite services too,” said the British Library.

“We anticipate restoring many services in the next few weeks, but some disruption may persist for longer.

“Following confirmation last week that this was a ransomware attack, we’re aware that some data has been leaked. This appears to be from our internal HR files.”

Despite data having been stolen, the British Library has failed to find any evidence that the data has been used. However, it has engaged security measures just in case.

“We have no evidence that data of our users has been compromised.

“In the meantime, we’ve taken targeted protective…

Source…

British officials say AI chatbots could carry cyber risks

/in


Illustration shows AI (Artificial Intelligence) letters and computer motherboard

AI (Artificial Intelligence) letters are placed on computer motherboard in this illustration taken, June 23, 2023. REUTERS/Dado Ruvic/Illustration/File Photo Acquire Licensing Rights

Aug 30 (Reuters) – British officials are warning organisations about integrating artificial intelligence-driven chatbots into their businesses, saying that research has increasingly shown that they can be tricked into performing harmful tasks.

In a pair of blog posts due to be published Wednesday, Britain’s National Cyber Security Centre (NCSC) said that experts had not yet got to grips with the potential security problems tied to algorithms that can generate human-sounding interactions – dubbed large language models, or LLMs.

The AI-powered tools are seeing early use as chatbots that some envision displacing not just internet searches but also customer service work and sales calls.

The NCSC said that could carry risks, particularly if such models were plugged into other elements organisation’s business processes. Academics and researchers have repeatedly found ways to subvert chatbots by feeding them rogue commands or fool them into circumventing their own built-in guardrails.

For example, an AI-powered chatbot deployed by a bank might be tricked into making an unauthorized transaction if a hacker structured their query just right.

“Organisations building services that use LLMs need to be careful, in the same way they would be if they were using a product or code library that was in beta,” the NCSC said in one its blog posts, referring to experimental software releases.

“They might not let that product be involved in making transactions on the customer’s behalf, and hopefully wouldn’t fully trust it. Similar caution should apply to LLMs.”

Authorities across the world are grappling with the rise of LLMs, such as OpenAI’s ChatGPT, which businesses are incorporating into a wide range of services, including sales and customer care. The security implications of AI are also still coming into focus, with authorities in the U.S. and Canada saying they have seen hackers embrace the technology.

Reporting by Raphael Satter; Editing by Alex Richardson

Our Standards: The Thomson Reuters Trust Principles.

Acquire…

Source…