The UK Government has published its 2025/2026 Cyber Security Breaches Survey, which is drawn from information received from thousands of UK businesses. The 2025/2026 survey paints a picture of a cyber threat landscape that is stable in its scale but shifting in its character. The publicity surrounding high-profile incidents has not yet resulted in a […]
Cybersecurity Incidents
UK Data Protection Regulator Fines Capita ~$18.8 Million Following a Ransomware Attack
On October 15, 2025, the UK’s Information Commissioner’s Office (ICO) fined Capita plc and Capita Pension Solutions Limited (collectively “Capita”) £14 million (~$18.8 million) for failing to implement adequate security measures to protect the personal data of over ~6.6 million individuals following a ransomware attack by Black Basta. The ICO’s penalty notice is available here. […]
Chilean Regulator Launches Public Consultation on New Cybersecurity Law
On 16 September 2025, the Chilean Cybersecurity Agency (Agencia Nacional de Ciberseguridad, ‘ANCI’) launched a public consultation on its provisional list of companies that may be classified as ‘operators of vital importance’ (Operadores de Importancia Vital, ‘OVI’) under the recently enacted Chilean Cybersecurity Law (Ley Marco de Ciberseguridad No. 21.663, ‘LMC’). This list (available online […]