An anonymous reader shared this report from the Associated Press: An investigation into a ransomware attack earlier this month on London hospitals by the Russian group Qilin could take weeks to complete, the country's state-run National Health Service said Friday, as concerns grow over a reported data dump of patient records. Hundreds of operations and appointments are still being canceled more than two weeks after the June 3 attack on NHS provider Synnovis, which provides pathology services primarily in southeast London... NHS England said Friday that it has been "made aware" that data connected to the attack have been published online. According to the BBC, Qilin shared almost 400GB of data, including patient names, dates of birth and descriptions of blood tests, on their darknet site and Telegram channel... According to Saturday's edition of the Guardian newspaper, records covering 300 million patient interactions, including the results of blood tests for HIV and cancer, were stolen during the attack. A website and helpline has been set up for patients affected.

Read more of this story at Slashdot.

An anonymous reader shared this report from Computer Weekly: Microsoft has admitted to Scottish policing bodies that it cannot guarantee the sovereignty of UK policing data hosted on its hyperscale public cloud infrastructure, despite its systems being deployed throughout the criminal justice sector. According to correspondence released by the Scottish Police Authority (SPA) under freedom of information (FOI) rules, Microsoft is unable to guarantee that data uploaded to a key Police Scotland IT system — the Digital Evidence Sharing Capability (DESC) — will remain in the UK as required by law. While the correspondence has not been released in full, the disclosure reveals that data hosted in Microsoft's hyperscale public cloud infrastructure is regularly transferred and processed overseas; that the data processing agreement in place for the DESC did not cover UK-specific data protection requirements; and that while the company has the ability to make technical changes to ensure data protection compliance, it is only making these changes for DESC partners and not other policing bodies because "no one else had asked". The correspondence also contains acknowledgements from Microsoft that international data transfers are inherent to its public cloud architecture. As a result, the issues identified with the Scottish Police will equally apply to all UK government users, many of whom face similar regulatory limitations on the offshoring of data. The recipient of the FOI disclosures, Owen Sayers — an independent security consultant and enterprise architect with over 20 years' experience in delivering national policing systems — concluded it is now clear that UK policing data has been travelling overseas and "the statements from Microsoft make clear that they 100% cannot comply with UK data protection law".

Read more of this story at Slashdot.

Officials are asking if this month's UK hospital hack resulted in fatalities. From a report: As the fallout from a cyberattack affecting hospitals in London enters its third week, doctors have been asked to report any deaths or other serious harms directly linked to the incident. On June 3, a group of ransomware hackers compromised a lab services provider, Synnovis, and locked down the company's systems, triggering major disruptions at hospitals and clinics in South East London. In the first week, doctors delayed 800 planned operations and 700 outpatient appointments and resorted to handwritten records, while a hospital solicited blood from its own clinical workers after the hack. Some of the worst interruptions have been resolved, but many services still haven't been restored. [...] But amid the recovery, health officials last week circulated a so-called "harms monitoring" form to doctors and clinicians, asking them to record the human toll of the cyberattack. The form, which I have seen, seeks to categorize the damage through a series of questions ranging from minor to major, including "patient died as a DIRECT result of the incident."

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Guardian: Dr Joseph Cotter takes some unusual pieces of luggage on his trips on the London underground. They include a stainless steel vacuum chamber, a few billion atoms of rubidium and an array of lasers that are used to cool his equipment to a temperature just above absolute zero. While not the average kit you would expect to find being dragged into carriages on the District Line, this is the gear that Cotter -- who works at Imperial College London's Centre for Cold Matter -- uses on his underground travels. Though the baggage may be bizarre, it has an ambitious purpose. It is being used to develop a quantum compass -- an instrument that will exploit the behavior of subatomic matter in order to develop devices that can accurately pinpoint their locations no matter where they are placed, paving the way for the creation of a new generation of underground and underwater sensors. The ideal place to test it is the London underground, Cotter and his team have discovered. "We are developing very precise new sensors using quantum mechanics, and these are showing great promise in the laboratory," he told the Observer last week. "However, they are less accurate in real-life settings. That is why we are taking our equipment to the London underground. It's the perfect place for smoothing out the rough edges and getting our equipment to work in real life." [...] At the heart of the quantum compass -- which could be ready for widespread use in a few years -- is a device known as an accelerometer that can measure how an object's velocity changes over time. This information, combined with the starting point of that object, allows its future positions to be calculated. Mobile phones and laptops possess accelerometers but these versions cannot maintain their accuracy over lengthy periods. However, quantum mechanics offers scientists a way to provide new precision and accuracy by measuring properties of supercool atoms. At extremely low temperatures, atoms behave in a "quantum" way. They act like matter and like waves. "When atoms are ultra-cold, we can use quantum mechanics to describe how they move, and this allows us to make accurate measurements that tell us how our device is changing its position," said Cotter. In the devices -- which have been carried on board London underground track-testing trains and not on commuter services -- rubidium is inserted into the vacuum chamber that lies at the machine's heart. Powerful lasers are then used to cool these atoms to a fraction of a degree above absolute zero (-273.15C). In these conditions, the wave properties of the rubidium atoms are affected by the acceleration of the vehicle that is carrying the equipment, and these minute changes can be measured accurately. The system has been found to work well in a stable laboratory but needs to be tested in more extreme conditions if it is to be turned into a transportable, standalone device that can be used in remote or complex locations, added Cotter.

Read more of this story at Slashdot.

"Within less than a minute, I'm approached by a store worker who comes up to me and says, 'You're a thief, you need to leave the store'." That's a quote from the BBC by a wrongly accused customer who was flagged by a facial-recognition system called Facewatch. "She says after her bag was searched she was led out of the shop, and told she was banned from all stores using the technology." Facewatch later wrote to her and acknowledged it had made an error — but declined to comment on the incident in the BBC's report: [Facewatch] did say its technology helped to prevent crime and protect frontline workers. Home Bargains, too, declined to comment. It's not just retailers who are turning to the technology... [I]n east London, we joined the police as they positioned a modified white van on the high street. Cameras attached to its roof captured thousands of images of people's faces. If they matched people on a police watchlist, officers would speak to them and potentially arrest them... On the day we were filming, the Metropolitan Police said they made six arrests with the assistance of the tech... The BBC spoke to several people approached by the police who confirmed that they had been correctly identified by the system — 192 arrests have been made so far this year as a result of it. Lindsey Chiswick, director of intelligence for the Met, told the BBC that "It takes less than a second for the technology to create a biometric image of a person's face, assess it against the bespoke watchlist and automatically delete it when there is no match." "That is the correct and acceptable way to do it," writes long-time Slashdot reader Baron_Yam, "without infringing unnecessarily on the freedoms of the average citizen. Just tell me they have appropriate rules, effective oversight, and a penalty system with teeth to catch and punish the inevitable violators." But one critic of the tech complains to the BBC that everyone scanned automatically joins "a digital police line-up," while the article adds that others "liken the process to a supermarket checkout — where your face becomes a bar code." And "The error count is much higher once someone is actually flagged. One in 40 alerts so far this year has been a false positive..." Thanks to Slashdot reader Bruce66423 for sharing the article.

Read more of this story at Slashdot.

London's famed Evening Standard newspaper has announced plans to end its daily outlet, "bringing an end to almost 200 years of publication in the capital," reports The Guardian. Going forward, the company plans to launch "a brand new weekly newspaper later this year and consider options for retaining ES Magazine with reduced frequency," while also working to increase traffic to its website. "In its 197-year history the Evening Standard has altered its format, price, content and distribution models," notes The Guardian. "But giving up on producing a daily print newspaper is the biggest change yet." From the report: The newspaper said it has been hit hard by the introduction of wifi on the London Underground, a shortage of commuters owing to the growth of working from home and changing consumer habits. The Standard lost 84.5 million pounds in the past six years, according to its accounts, and is reliant on funding from its part-owner Evgeny Lebedev. Its other shareholders include a bank with close links to the Saudi government. Industry sources suggested Lebedev had been willing to consider selling the outlet in recent years but no buyer was found. Paul Kanareck, the newspaper's chair, told staff on Wednesday morning: "The substantial losses accruing from the current operations are not sustainable. Therefore, we plan to consult with our staff and external stakeholders to reshape the business, return to profitability and secure the long-term future of the number one news brand in London." Kanareck said there would be an "impact on staffing," with journalists bracing themselves for further job losses on top of years of redundancies, while design staff on the print edition are expected to be hit hard. Distributors who hand out the newspaper across London are also likely to be out of work, and billboards outside railway stations advertising the day's headline will stand empty on most days. He suggested there would be a change in focus for the weekly outlet: "A proposed new weekly newspaper would replace the daily publication, allowing for more in-depth analysis of the issues that matter to Londoners, and serve them in a new and relevant way by celebrating the best London has to offer, from entertainment guides to lifestyle, sports, culture and news and the drumbeat of life in the world's greatest city." Closing the Evening Standard will mean that for the first time in centuries, Londoners will have no general-interest daily print newspaper. The finance-focused City AM, which was recently saved by the billionaire Matthew Moulding, will continue to publish four days a week and has recently increased its distribution. Further reading: So it's goodbye to London's Standard, my old paper -- and to the heart of democracy, local news (Opinion; The Guardian)

Read more of this story at Slashdot.

UPI reports that the British government covered up "a multi-decade tainted blood scandal, leading to thousands of related deaths, a report published Monday found." Britain's National Health Service allowed blood tainted with HIV and Hepatitis to be used on patients without their knowledge, leading to 3,000 deaths and more than 30,000 infections, according to the 2,527-page final report by Justice Brian Justice Langstaff, a former judge on the High Court of England and Wales. Langstaff oversaw a five-year investigation into the use of tainted blood and blood products in Britain's healthcare system between 1970 and 1991. The report blames multiple administrations over the time period for knowingly exposing victims to unacceptable risks... In several cases, health officials lied about the risks to patients... The NHS also gave patients false reassurances, an attempt to "save face," failing victims "not once but repeatedly...." The situation could "largely, though not entirely, have been avoided," Langstaff found... The British government on Monday began operating a support phone line for people and their families affected by the tainted blood scandal. The article notes that Langstaff described the coverup as "subtle" but "pervasive" and "chilling in its implications... "To save face and to save expense, there has been a hiding of much of the truth." Thanks to long-time Slashdot reader schwit1 for sharing the article.

Read more of this story at Slashdot.

The head of the UK Environment Agency has admitted that freedom of information requests have been buried by the regulator because the truth about the environment in England is "embarrassing." From a report: Philip Duffy, the body's chief executive, told an audience at the UK River Summit in Morden, south London, this week that his officials were "worried about revealing the true state of what is going on" with regards to the state of the environment. The regulator holds information including about pollution, the state of England's waterways, the meetings its bosses have with water company CEOs, and other data about the state of nature in the country. The Information Commissioner's Office, which oversees the law on the Freedom of Information Act, has warned the regulator that the public have a right to have their requests answered and that transparency should be taken seriously. An ICO spokesperson said: "People have the legal right to promptly receive information they're entitled to and we take action when they don't. We've been clear that public sector leaders should take transparency seriously and see the benefits it brings, including scrutiny of processes and approaches that can then benefit from improvement."

Read more of this story at Slashdot.

Russia is increasingly seeking to encourage and direct hackers to attack British and other western targets, the director of GCHQ has said in her first keynote speech as head of the British intelligence agency. From a report: Anne Keast-Butler said her agency was "increasingly concerned about growing links" between the Russian intelligence services and proxy hacker groups who have long taken advantage of a permissive environment within the country. "Before, Russia simply created the right environments for these groups to operate but now they're nurturing and inspiring these non state cyber actors," she said in a speech to the Cyber UK conference, in what she described as a "globally pervasive" threat. The spy chief, appointed last year to be the first woman to hold the role, referenced the threat from ransomware -- "the most acute and pervasive cyber threat" -- where cybercriminals, typically from Russia, take control of a company's data and systems and demand significant sums to regain access. GCHQ was "doing everything we can" to counter ransomware actors, Keast-Butler said, degrade their ability to attack systems across government and business and to "produce intelligence that means those involved in ransomware are held to account." There is "no hiding place" for cybercriminals she added.

Read more of this story at Slashdot.

The U.K. economy has emerged from recession as gross domestic product rose 0.6% in the first quarter, official figures showed Friday, beating expectations. From a report: Economists polled by Reuters had forecast growth of 0.4% on the previous three months of the year. The U.K. entered a shallow recession in the second half of 2023, as persistent inflation continued to hurt the economy. Although there is no official definition of a recession, two straight quarters of negative growth is widely considered a technical recession. The U.K.'s production sector expanded by 0.8% in the period from January to March, while construction fell by 0.9%. On a monthly basis, the economy grew by 0.4% in March, following 0.2% expansion in February. In output terms, the services sector -- crucial to the U.K. economy -- grew for the first time since the first quarter in 2023, the Office for National Statistics said. The 0.7% growth was mainly driven by the transport services industry which saw its highest quarterly growth rate since 2020.

Read more of this story at Slashdot.

The North Yorkshire Council in England announced it will ban apostrophes on street signs as it can affect geographical databases. Resident Anne Keywood told the BBC that she urged the authority to retain apostrophes, saying: "If you start losing things like that then everything goes downhill doesn't it?" From the report: North Yorkshire Council said it "along with many others across the country" had opted to "eliminate" the apostrophe from street signs. A spokesperson added: "All punctuation will be considered but avoided where possible because street names and addresses, when stored in databases, must meet the standards (PDF) set out in BS7666. "This restricts the use of punctuation marks and special characters (e.g. apostrophes, hyphens and ampersands) to avoid potential problems when searching the databases as these characters have specific meanings in computer systems."

Read more of this story at Slashdot.

The UK government's climate action plan is unlawful, the high court has ruled, as there is not enough evidence that there are sufficient policies in place to reduce greenhouse gas emissions. From a report: The energy secretary, Claire Coutinho, will now be expected to draw up a revised plan within 12 months. This must ensure that the UK achieves its legally binding carbon budgets and its pledge to cut emissions by more than two-thirds by 2030, both of which the government is off track to meet. The environmental charities Friends of the Earth and ClientEarth took joint legal action with the Good Law Project against the Department for Energy Security and Net Zero (DESNZ) over its decision to approve the carbon budget delivery plan (CBDP) in March 2023. In a ruling on Friday, Mr Justice Sheldon upheld four of the five grounds of the groups' legal challenge, stating that the decision by the former energy security and net zero secretary Grant Shapps was "simply not justified by the evidence." He said: "If, as I have found, the secretary of state did make his decision on the assumption that each of the proposals and policies would be delivered in full, then the secretary of state's decision was taken on the basis of a mistaken understanding of the true factual position." The judge agreed with ClientEarth and Friends of the Earth that the secretary of state was given "incomplete" information about the likelihood that proposed policies would achieve their intended emissions cuts. This breached section 13 of the Climate Change Act, which requires the secretary of state to adopt plans and proposals that they consider will enable upcoming carbon budgets to be delivered. Sheldon also agreed with the environment groups that the central assumption that all the department's policies would achieve 100% of their intended emissions cuts was wrong. The judge said the secretary of state had acted irrationally, and on the basis of an incorrect understanding of the facts. This comes after the Guardian revealed the government would be allowing oil and gas drilling under offshore wind turbines, a decision criticised by climate experts as "deeply irresponsible."

Read more of this story at Slashdot.

The United Kingdom has become the first country in the world to ban default guessable usernames and passwords from these IoT devices. Unique passwords installed by default are still permitted. From a report: The Product Security and Telecommunications Infrastructure Act 2022 (PSTI) introduces new minimum-security standards for manufacturers, and demands that these companies are open with consumers about how long their products will receive security updates for. Manufacturing and design practices mean many IoT products introduce additional risks to the home and business networks they're connected to. In one often-cited case described by cybersecurity company Darktrace, hackers were allegedly able to steal data from a casino's otherwise well-protected computer network after breaking in through an internet-connected temperature sensor in a fish tank. Under the PSTI, weak or easily guessable default passwords such as "admin" or "12345" are explicitly banned, and manufacturers are also required to publish contact details so users can report bugs.

Read more of this story at Slashdot.

The head of Britain's domestic intelligence agency warned the country's leading research universities on Thursday that foreign states are targeting their institutions and imperilling national security. The Record: "We know that our universities are being actively targeted by hostile actors and need to guard against the threat posed to frontier research in the most sensitive sectors," said the deputy prime minister Oliver Dowden, who also attended the briefing. The threat requires "further measures," said the deputy PM, who announced that the government was launching a consultation with the sector so it could "do more to support our universities and put the right security in place to protect their cutting-edge research." The briefing was delivered by Ken McCallum, the director general of MI5, alongside Dowden and the National Cyber Security Centre's interim chief executive, Felicity Oswald. It was made to the vice-chancellors of the Russell Group, a collective of the country's 24 leading universities. Among the range of measures being considered is having MI5, the domestic security agency, carry out security vetting on key researchers involved in a "small proportion of academic work, with a particular focus on research with potential dual uses in civilian and military life."

Read more of this story at Slashdot.