The UK's data-protecting Information Commissioner's Office has issued a warning about what it calls a worrying trend, reports the BBC: "students hacking their own school and college IT systems for fun or as part of dares." Since 2022, the the Information Commissioner's Office (ICO) has investigated 215 hacks and breaches originating from inside education settings and says 57% were carried out by children. Other breaches are thought to come from staff, third party IT suppliers and other organisations with access. According to the new data, almost a third of the breaches involved students illegally logging into staff computer systems by guessing passwords or stealing details from teachers. In one incident, a seven-year-old was involved in a data breach and subsequently referred to the National Crime Agency's Cyber Choices programme to help them understand the seriousness of their actions... In another incident three Year 11 students aged 15 or 16 unlawfully accessed school databases containing the personal information of more than 1,400 students. The pupils used hacking tools downloaded from the internet to break passwords and security protocols. When questioned, they said they were interested in cyber security and wanted to test their skills and knowledge. Another example the ICO gave is of a student illegally logging into their college's databases with a teachers' details to change or delete personal information belonging to more than 9,000 staff, students and applicants. The system stored personal information such as name and home address, school records, health data, safeguarding and pastoral logs and emergency contacts. Schools are facing an increasing number of cyber attacks, with 44% of schools reporting an attack or breach in the last year according the government's most recent Cyber Security Breaches Survey. "Youth cyber crime culture is a growing threat linked to English-speaking teen gangs," the article argues, noting breaches at major companies to suggest it's a kind of "gateway" crime. The ICO's principal cyber specialist tells the BBC that "What starts out as a dare, a challenge, a bit of fun in a school setting can ultimately lead to children taking part in damaging attacks on organisations or critical infrastructure."

Read more of this story at Slashdot.

Britain's road death rate has declined 22-fold per mile driven since 1950, dropping from 111 deaths per billion miles to approximately 5 today, according to new analysis from Our World in Data. Annual road fatalities fell from 5,000-7,000 deaths in the 1920s and 1930s to 1,700 in recent years despite a 16-fold increase in vehicles and 33-fold increase in miles driven. The UK now ranks among the world's safest countries for road travel at 1.9 deaths per 100,000 people. Key interventions included mandatory breathalyzer tests in 1967 that reduced drunk-driving deaths by 82%, the introduction of motorways beginning in 1958, conversion to roundabouts that cut fatal accidents by two-thirds, and 20-mph speed zones around schools. If global road death rates matched Britain's current levels, approximately one million lives would be saved annually from the current 1.2 million road deaths worldwide.

Read more of this story at Slashdot.

A UK government trial of Microsoft's M365 Copilot found no clear productivity gains despite user satisfaction with tasks like summarizing meetings and writing emails. While the tool sped up some routine work, it actually slowed down more complex tasks like Excel analysis and PowerPoint creation, often producing lower-quality results. The Register reports: The Department for Business and Trade received 1,000 licenses for use between October and December 2024, with the majority of these allocated to volunteers and 30 percent to randomly selected participants. Some 300 of these people consented to their data being analyzed. An evaluation of time savings, quality assurance, and productivity was then calculated in the assessment (PDF). Overall, 72 percent of users were satisfied or very satisfied with their digital assistant and voiced disappointment when the test ended. However, the reality of productivity gains was more nuanced than Microsoft's marketing materials might suggest. Around two-thirds of the employees in the trial used M365 at least once a week, and 30 percent used it at least once a day -- which doesn't sound like great value for money. [...] According to the M365 Copilot monitoring dashboard made available in the trial, an average of 72 M365 Copilot actions were taken per user. "Based on there being 63 working days during the pilot, this is an average of 1.14 M365 Copilot actions taken per user per day," the study says. Word, Teams, and Outlook were the most used, and Loop and OneNote usage rates were described as "very low," less than 1 percent and 3 percent per day, respectively. "PowerPoint and Excel were slightly more popular; both experienced peak activity of 7 percent of license holders using M365 Copilot in a single day within those applications," the study states. The three most popular tasks involved transcribing or summarizing a meeting, writing an email, and summarizing written comms. These also had the highest satisfaction levels, we're told. Participants were asked to record the time taken for each task with M365 Copilot compared to colleagues not involved in the trial. The assessment report adds: "Observed task sessions showed that M365 Copilot users produced summaries of reports and wrote emails faster and to a higher quality and accuracy than non-users. Time savings observed for writing emails were extremely small. "However, M365 Copilot users completed Excel data analysis more slowly and to a worse quality and accuracy than non-users, conflicting time savings reported in the diary study for data analysis. PowerPoint slides [were] over 7 minutes faster on average, but to a worse quality and accuracy than non-users." This means corrective action was required. A cross-section of participants was asked questions in an interview -- qualitative findings -- and they claimed routine admin tasks could be carried out with greater efficiency with M365 Copilot, letting them "redirect time towards tasks seen as more strategic or of higher value, while others reported using these time savings to attend training sessions or take a lunchtime walk." Nevertheless, M365 Copilot did not necessarily make them more productive, the assessment found. This is something Microsoft has worked on with customers to quantify the benefits and justify the greater expense of a license for M365 Copilot.

Read more of this story at Slashdot.

UK weather agency Met Office, in a blog post: Provisional Met Office statistics confirm that summer 2025 is officially the warmest summer on record for the UK. Analysis by Met Office climate scientists has also shown that a summer as hot or hotter than 2025 is now 70 times more likely than it would be in a 'natural' climate with no human caused greenhouse gas emissions. The UK's mean temperature from 1 June to 31 August stands at 16.10C, which is 1.51C above the long-term meteorological average. This surpasses the previous record of 15.76C, set in 2018, and pushes the summer of 1976 out of the top five warmest summers in a series dating back to 1884.

Read more of this story at Slashdot.

A newly published Investigatory Powers Tribunal filing indicates the UK government's Technical Capability Notice to Apple went beyond the company's Advanced Data Protection encryption to include standard iCloud services used by millions [non-paywalled source]. The document states the UK Home Office order "is not limited to" ADP data and applies "globally in respect of the relevant data categories of all iCloud users." The filing emerged days after Trump administration officials claimed the UK had agreed to drop efforts targeting American citizens' data. Apple launched its legal challenge in March after receiving the TCN, which the company cannot discuss publicly under the Investigatory Powers Act. The tribunal scheduled a hearing for early next year. Apple withdrew ADP from UK customers in February.

Read more of this story at Slashdot.

An anonymous reader shares a report: Valve has started to comply with the UK's Online Safety Act, by rolling out a requirement for all Brits to verify their age with a credit card to access "mature content" pages and games on Steam. UK users won't even be able to access the community hubs of mature content games unless a valid credit card is stored on a Steam account. While platforms like Reddit, Bluesky, and Discord have opted for age verification checks using selfies, Valve is restricting its age checks to just credit cards, according to a support article. "Among all age assurance mechanisms reviewed by Valve, this process preserves the maximum degree of user privacy," says Valve. "Having the credit card stored as a payment method acts as an additional deterrent against circumventing age verification by sharing a single Steam user account among multiple persons."

Read more of this story at Slashdot.

Apple has warned that "EU-style rules" proposed by the UK competition watchdog "are bad for users and bad for developers." From a report: It says EU laws -- which have sought to make it easier for smaller firms to compete with big tech -- have resulted in some Apple features and enhancements being delayed for European users. It argues the UK risks similar hold-ups if the Competition and Markets Authority (CMA) pushes ahead with plans designed to open up markets the regulator says is too dominated by Apple and Google. [...] The CMA wants UK app makers to be able to use and exchange data with Apple's mobile technology -- something called "interoperability." Without it, app makers cannot create the full range of innovative products and services, it argues. Apple claims under EU interoperability rules it has received over 100 requests -- some from big tech rivals -- demanding access to sensitive user data, including sensitive information Apple itself cannot access. It argues the rules are effectively allowing other firms to demand its data and intellectual property for free.

Read more of this story at Slashdot.

Epic Games CEO Tim Sweeney told the Financial Times that the UK Competition and Markets Authority's December decision to delay mandating alternative app stores on iPhones was a "blunder" that leaves Britain "well behind" other jurisdictions. The CMA postponed until next year whether to require Apple to allow third-party app stores or sideloading, unlike the EU's Digital Markets Act. Fortnite remains unavailable on UK iOS devices following Epic's years-long dispute over Apple's 30% commission fees. The regulator said it would prioritize forcing Apple and Google to allow alternative payment systems.

Read more of this story at Slashdot.

An anonymous reader shares a report: Can deleting old emails and photos help the UK tackle ongoing drought this year? That's the hope, according to recommendations for the public included in a press release today from the National Drought Group. There are far bigger steps companies and policymakers can take to conserve water of course, but drought has gotten bad enough for officials to urge the average person to consider how their habits might help or hurt the situation. And the proliferation of data centers is raising concerns about how much water it takes to power servers and keep them cool. "Simple, everyday choices -- such as turning off a tap or deleting old emails -- also really helps the collective effort to reduce demand and help preserve the health of our rivers and wildlife," Helen Wakeham, Environment Agency Director of Water, said in the press release.

Read more of this story at Slashdot.

An anonymous reader shares a report: Privacy groups report a surge in UK police facial recognition scans of databases secretly stocked with passport photos lacking parliamentary oversight. Big Brother Watch says the UK government has allowed images from the country's passport and immigration databases to be made available to facial recognition systems, without informing the public or parliament. The group claims the passport database contains around 58 million headshots of Brits, plus a further 92 million made available from sources such as the immigration database, visa applications, and more. By way of comparison, the Police National Database contains circa 20 million photos of those who have been arrested by, or are at least of interest to, the police.

Read more of this story at Slashdot.

Financial Times: The UK's highest court has partially overturned a landmark motor finance judgment that threatened to leave banks on the hook for tens of billions of pounds in compensation for allegedly deceiving consumers with hidden commissions on car loans. The Supreme Court's decision has been keenly awaited by investors as well as millions of consumers who were poised to claim redress from the banks. The government has been considering legislation to limit the fallout. The controversy over car finance shot to prominence after a bombshell Court of Appeal judgment in October that awarded compensation to three people who claimed they were misled by banks concealing the payment of commissions to dealerships. The $58.3 billion car finance scandal centers on hidden commissions paid by lenders to car dealers who arranged loans without disclosing the payment amounts and terms to borrowers. Under discretionary commission arrangements, dealers received larger payments when they persuaded car buyers to accept higher interest rates on loans. The practice affected roughly 90% of new car purchases and many secondhand vehicles, potentially exposing millions of motorists to mis-selling.

Read more of this story at Slashdot.

Britain's Competition and Markets Authority concluded that Microsoft and Amazon hold "significant unilateral market power" in cloud services and recommended investigating both companies under new competition rules. The regulator said it had concerns about practices creating customer "lock-in" effects through egress fees and unfavorable licensing terms that trap businesses in difficult-to-exit contracts. Microsoft and Amazon each control roughly 30-40% of the infrastructure-as-a-service market, while Google holds 5-10%. Microsoft disputed the findings, calling the cloud market "dynamic and competitive." Amazon said the probe recommendations were "unwarranted."

Read more of this story at Slashdot.

Proton VPN reported a 1,400 percent hourly increase in signups over its baseline Friday — the day the UK's age verification law went into effect. For UK users, "apps with explicit content must now verify visitors' ages via methods such as facial recognition and banking info," notes Mashable: Proton VPN previously documented a 1,000 percent surge in new subscribers in June after Pornhub left France, its second-biggest market, amid the enactment of an age verification law there... A Proton VPN spokesperson told Mashable that it saw an increase in new subscribers right away at midnight Friday, then again at 9 a.m. BST. The company anticipates further surges over the weekend, they added. "This clearly shows that adults are concerned about the impact universal age verification laws will have on their privacy," the spokesperson said... Search interest for the term "Proton VPN" also saw a seven-day spike in the UK around 2 a.m. BST Friday, according to a Google Trends chart. The Financial Times notes that VPN apps "made up half of the top 10 most popular free apps on the UK's App Store for iOS this weekend, according to Apple's rankings." Proton VPN leapfrogged ChatGPT to become the top free app in the UK, according to Apple's daily App Store charts, with similar services from developers Super Unlimited and Nord Security also rising over the weekend... Data from Google Trends also shows a significant increase in search queries for VPNs in the UK this weekend, with up to 10 times more people looking for VPNs at peak times... "This is what happens when people who haven't got a clue about technology pass legislation," Anthony Rose, a UK-based tech entrepreneur who helped to create BBC iPlayer, the corporation's streaming service, said in a social media post. Rose said it took "less than five minutes to install a VPN" and that British people had become familiar with using them to access the iPlayer outside the UK. "That's the beauty of VPNs. You can be anywhere you like, and anytime a government comes up with stupid legislation like this, you just turn on your VPN and outwit them," he added... Online platforms found in breach of the new UK rules face penalties of up to £18mn or 10 percent of global turnover, whichever is greater... However, opposition to the new rules has grown in recent days. A petition submitted through the UK parliament website demanding that the Online Safety Act be repealed has attracted more than 270,000 signatures, with the vast majority submitted in the past week. Ministers must respond to a petition, and parliament has to consider its topic for a debate, if signatures surpass 100,000. X, Reddit and TikTok have also "introduced new 'age assurance' systems and controls for UK users," according to the article. But Mashable summarizes the situation succinctly. "Initial research shows that VPNs make age verification laws in the U.S. and abroad tricky to enforce in practice."

Read more of this story at Slashdot.

A 21-year-old student who designed and distributed online kits linked to $175 million worth of fraud has been jailed for seven years. From a report: Ollie Holman created phishing kits that mimicked government, bank and charity websites so that criminals could harvest victims' personal information to defraud them. In one case a kit was used to mimic a charity's donation webpage so when someone tried to give money, their card details were taken and used by criminals. Holman, of Eastcote in north-west London, created and supplied 1,052 phishing kits that targeted 69 organisations across 24 countries. He also offered tutorials in how to use the kits and built up a network of almost 700 connections. The fake websites supplied in the kits had features that allowed information such as login and bank details to be stored. It is estimated Holman received $405,000 from selling the kits between 2021 and 2023. The kits were distributed through the encrypted messaging service Telegram.

Read more of this story at Slashdot.

The United Kingdom's government is planning to ban public sector and critical infrastructure organizations from paying ransoms after ransomware attacks. From a report: The list of entities that would have to follow the new proposed legislation includes local councils, schools, and the publicly funded National Health Service (NHS). "Ransomware is estimated to cost the UK economy millions of pounds each year, with recent high-profile ransomware attacks highlighting the severe operational, financial, and even life-threatening risks. The ban would target the business model that fuels cyber criminals' activities and makes the vital services the public rely on a less attractive target for ransomware groups," the UK government said. "We're determined to smash the cyber criminal business model and protect the services we all rely on as we deliver our Plan for Change. By working in partnership with industry to advance these measures, we are sending a clear signal that the UK is united in the fight against ransomware," Security Minister Dan Jarvis added.

Read more of this story at Slashdot.

Sir Keir Starmer's government is seeking a way out of a clash with the Trump administration over the UK's demand that Apple provide it with access to secure customer data, Financial Times reported Monday, citing two officials. From the report: The officials both said the Home Office, which ordered the tech giant in January to grant access to its most secure cloud storage system, would probably have to retreat in the face of pressure from senior leaders in Washington, including Vice President JD Vance. "This is something that the vice president is very annoyed about and which needs to be resolved," said an official in the UK's technology department. "The Home Office is basically going to have to back down." Both officials said the UK decision to force Apple to break its end-to-end encryption -- which has been raised multiple times by top officials in Donald Trump's administration -- could impede technology agreements with the US.

Read more of this story at Slashdot.

The UK secretly relocated thousands of Afghans to the UK after their personal details were disclosed in one of the country's worst ever data breaches, putting them at risk of Taliban retaliation. The operation cost around $2.7 billion and remained under a court-imposed superinjunction until recently lifted. Reuters reports: The leak by the Ministry of Defence in early 2022, which led to data being published on Facebook the following year, and the secret relocation program, were subject to a so-called superinjunction preventing the media reporting what happened, which was lifted on Tuesday by a court. British defence minister John Healey apologised for the leak, which included details about members of parliament and senior military officers who supported applications to help Afghan soldiers who worked with the British military and their families relocate to the UK. "This serious data incident should never have happened," Healey told lawmakers in the House of Commons. It may have occurred three years ago under the previous government, but to all whose data was compromised I offer a sincere apology." The incident ranks among the worst security breaches in modern British history because of the cost and risk posed to the lives of thousands of Afghans, some of whom fought alongside British forces until their chaotic withdrawal in 2021. Healey said about 4,500 Afghans and their family members have been relocated or were on their way to Britain under the previously secret scheme. But he added that no-one else from Afghanistan would be offered asylum because of the data leak, citing a government review which found little evidence of intent from the Taliban to seek retribution against former officials.

Read more of this story at Slashdot.

Reddit has begun verifying users' ages in the UK to restrict access to "certain mature content" for minors, complying with the UK's Online Safety Act. The BBC reports: Reddit, known for its online communities and discussions, said that while it does not want to know who its audience is: "It would be helpful for our safety efforts to be able to confirm whether you are a child or an adult." Ofcom, the UK regulator, said: "We expect other companies to follow suit, or face enforcement if they fail to act." Reddit said that from 14 July, an outside firm called Persona will perform age verification for the social media platform either through an uploaded selfie or "a photo of your government ID," such as a passport. It said Reddit will not have access to the photo and will only retain a user's verification status and date of birth so people do not have to re-enter it each time they try to access restricted content. Reddit added that Persona "promises not to retain the picture for longer than seven days" and will not have access to a user's data on the site. The new rules in the UK come into force on 25 July. [...] Companies that fail to meet the rules face fines of up to 18 million pounds or 10% of worldwide revenue, "whichever is greater." [Ofcom] added that in the most serious cases, it can seek a court order for "business disruption measures," such as requiring payment providers or advertisers to withdraw their services from a platform, or requiring Internet Service Providers to block access to a site in the UK."

Read more of this story at Slashdot.