Information Commissioner's Office stories

Australia’s banks face rising AI-driven scams, making robust human identity verification and phishing-resistant MFA critical to security.

Electronic Frontiers Australia criticises the National AI Plan for favouring business interests over public safety, digital rights and calls for stronger EU-style law.

Baidam urges Australian firms to strengthen supply chain security with a new five-pillar framework amid rising third-party data breaches.

UK retail cyber attacks occur consistently year-round, not just around shopping events, exposing sensitive data of millions and challenging risk timing assumptions.

With 93% of firms facing unauthorised AI use, new governance models urge flexible policies to manage shadow AI risks while fuelling innovation.

The health sector leads UK data breach self-reports with 3,820 cases from 2023 to early 2025, reveals ICO data analysed by Reward Gateway Edenred.

Firevault launches offline digital vault system to shield businesses and directors from rising cyber breach risks and hefty fines in the UK and worldwide.

UK police forces have reported over 13,000 data breaches since 2022, with incidents rising yearly and causing serious risks to personal information.

The UK’s updated Cyber Security and Resilience Bill will extend compliance to many SMEs, urging them to bolster defences and improve cyber resilience by 2025.

Holland & Barrett has saved 3,000 annual hours handling data requests by automating the process with Aiimi’s AI platform, boosting accuracy and speed.

UK local authorities reported over 2,400 data breaches in 2024, highlighting concerns over device loss, human error, and public sector data security.

UK Metropolitan Councils reported over 12,700 data breaches in three years, paying more than GBP £268,000 in compensation claims.

UK firms reporting data breaches to the ICO rose to 69%, with remote work risks rising as phishing and employee errors top causes amid policy gaps.

Basic cyber security controls could prevent the majority of major data breaches, says analysis of UK and Australian data affecting tens of millions annually.

The Legal Aid Agency faced a major cyber-attack exposing data of hundreds of thousands of applicants, raising serious concerns over sensitive personal information security.

Over 1,200 devices were reported lost or stolen across UK government departments in 2024, highlighting ongoing security challenges despite audits and efforts.

Nearly 400 data breaches at UK Jobcentres in 2024 exposed personal details of jobseekers, raising serious concerns over data security and privacy.

The Information Commissioner's Office is urging organisations to share personal information responsibly to combat the UK's growing fraud crisis.

Vectra AI reveals a critical Transitive Access Abuse vulnerability in Google Cloud's Document AI, raising data exfiltration risk for users.

Oldham Council hit by cyberattack, exposing sensitive data; part of a broader wave across Greater Manchester, leaving thousands at risk of phishing scams.