The Information Commissioner’s Office (ICO) has issued a reprimand to the Post Office following a data breach that resulted in the unauthorised disclosure of personal information belonging to hundreds of postmasters involved in the Horizon IT scandal.
The breach occurred when the Post Office’s communications team mistakenly published an unredacted version of a legal settlement document on its corporate website. The document contained the names, home addresses and postmaster status of 502 people who were part of a group litigation against the organisation. It remained publicly accessible from 25 April to 19 June 2024, before being removed following notification from an external law firm.
Read more…
Source: UKAuthority News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- British National Pleads Guilty to Hacking into Companies and Stealing At Least $8 Million in Virtual Currency
April 17, 2026
SANTA ANA, California – A United Kingdom man pleaded guilty today to conspiring with others to hack into the computer systems of at least a dozen companies via text message phishing attacks and to steal at least $8 million in virtual currency from individual victims throughout the United States. Tyler Robert Buchanan, 24, of Dundee, Scotland, ...
- Thousands of official government email addresses, including plaintext passwords available online
April 11, 2026
The official email accounts of public officials all over the world have been leaked online, with many exposed alongside their plaintext passwords, making it trivial for an attacker to breach their accounts. Researchers at Proton scoured the darker side of the internet for the publicly available email addresses of government officials – and discovered thousands of ...
- Hacker stole £700,000 from UK energy company by redirecting payment
April 9, 2026
British oil and gas company Zephyr Energy says someone stole £700,000 (close to $1 million) from one of its U.S.-based subsidiaries by redirecting a payment meant for a contractor into a hacker-controlled account. In a regulatory filing with the London Stock Exchange on Thursday, the company said it is “working with the corresponding banks and ...
- Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations
April 6, 2026
The financially motivated cybercriminal actor tracked by Microsoft Threat Intelligence as Storm-1175 operates high-velocity ransomware campaigns that weaponize N-days, targeting vulnerable, web-facing systems during the window between vulnerability disclosure and widespread patch adoption. Following successful exploitation, Storm-1175 rapidly moves from initial access to data exfiltration and deployment of Medusa ransomware, often within a few days and, ...
- UK manufacturers under cyber fire with 80% reporting attacks
April 1, 2026
Nearly 80 percent of British manufacturers say they’ve been hit by a cyber incident in the past year, as new research suggests disruption on the factory floor is no longer an exception but business as usual. According to security outfit ESET, 78 percent of UK manufacturers admit to suffering at least one cyber incident in the ...
- Halifax and Lloyds customers hit by online data breach
March 12, 2026
Lloyds, Halifax and Bank of Scotland customers were given access to strangers’ banking transactions in a major online data breach this morning. Customers were able to view charges and payments on their banking apps that were not linked to their own transactions following the suspected technical glitch. Wage payments, HMRC reference numbers and other personal transactions were ...