0208 915 1103|sales@thesoftwarebureau.com

Why Information Security Due Diligence Matters and Why SwiftCore’s Perfect Audit Matters Even More

By |2026-02-16T13:28:41+00:00February 16th, 2026|

In January, The Software Bureau’s cloud processing engine, SwiftCore, underwent a comprehensive data security audit and full penetration testing programme conducted by an independent information security specialist. We are proud to share that SwiftCore received a perfect bill of health, with only six very minor issues identified, all of which are already being fully addressed. For us, this is more than a compliance exercise. It is a commitment to our clients, our industry and the data we all rely on every day. Information Security Is Not Optional. It Is Foundational. Across every sector, organisations depend on software suppliers to manage, process and safeguard sensitive information. That places software providers like us at the centre of the Information Security equation. When [...]

Read More

Why The Software Bureau Should Be Your First Choice for Data Processing, Cleansing & Postal Sortation Software

By |2025-11-04T06:48:18+00:00November 4th, 2025|

Choosing a software provider for data processing and mail sortation is not just about ticking boxes. It is about ensuring your business is protected, supported, and future proofed. The Software Bureau has earned its place as a trusted partner for organisations across the UK. Our software processes over 2 billion items annually, powering more than 75% of all UK advertising mail. That scale is no accident. It is the result of years of refinement, investment, and industry insight. Led by Experience Our management team brings together over 100 years of hands-on experience in software development, direct mail, data management, and production. We understand the pressures and complexities of the sector because we have worked in it. That experience shapes every [...]

Read More

Third Party Data Breaches Highlight the Need for Strong Vendor Security

By |2025-10-20T16:16:30+00:00October 20th, 2025|

At The Software Bureau, we take information security seriously. Our recent retention of the ISO 27001:2022 certification reflects our ongoing commitment to protecting sensitive data and maintaining the highest standards of security across our operations. However, the recent data breach involving LNER’s customer communications database, managed by a third party supplier - https://www.printweek.com/content/news/lner-data-accessed-in-customer-comms-breach, is a stark reminder that security must extend beyond internal systems. Reports indicate that unauthorised access was gained through a supplier, compromising customer data and raising serious concerns about vendor oversight. This incident reinforces a critical point. Your organisation’s data security is only as strong as the weakest link in your supply chain. While The Software Bureau does not share any customer data with third parties, we [...]

Read More

Update on the UK Data (Use & Access) Act – and Why Clean Data Is More Crucial Than Ever

By |2025-06-18T11:26:49+00:00June 18th, 2025|

On 11 June 2025, UK Parliament completed the final round of “ping‑pong” over the Data (Use and Access) Bill in the House of Lords, paving the way for Royal Assent and its conversion into the Data (Use and Access) Act 2025 This is a major milestone in updating the UK’s data protection landscape post‑Brexit—and it signals that smart, responsible data use is now firmly on the national agenda. What You Should Know The Act introduces several important refinements: A staggered roll‑out of updated UK GDPR provisions, including relaxed rules around cookies, Data Subject Access Requests (DSAR), automated decision‑making, and strengthened provisions for scientific research A formal category of “recognised legitimate interests”, clarifying when data can be used without a full [...]

Read More

The Data Breach Epidemic: A Wake-Up Call for Data Hygiene 

By |2025-06-02T14:59:09+00:00June 2nd, 2025|

Earlier this month, cybersecurity researcher Jeremiah Fowler uncovered an unsecured database containing over 184 million login credentials. This trove included usernames and passwords for major platforms such as Google, Apple, Microsoft, Facebook, Instagram, and Snapchat, as well as sensitive data from bank accounts, health services, and government portals. Alarmingly, the database was unencrypted and publicly accessible, making it a "cybercriminal's dream".  Closer to home, you can’t fail to have missed M&S’ significant cyberattack, leading to the theft of customer data, including contact details and order histories. The breach disrupted online operations and is projected to cost the company approximately £300 million in lost operating profit. The attack was reportedly executed by the cybercriminal group Scattered Spider, exploiting vulnerabilities in third-party [...]

Read More

23andMe Collapse Sparks Urgent Questions About Data Responsibility

By |2025-03-26T11:15:47+00:00March 26th, 2025|

Once a Silicon Valley darling, DNA testing company 23andMe has now gone into administration—leaving behind not just a troubled balance sheet, but a trove of highly sensitive personal data. Millions of customers entrusted the firm with their genetic information, family histories, and health predispositions. Now, the burning question: what happens to that data? The debate has ignited fears over data ownership, consent, and corporate accountability. In the UK, administrators are bound by GDPR, but the worry remains that valuable genetic data could be sold to settle debts, repurposed without consent, or exposed through weak security controls. This situation highlights a deeper issue: data stewardship isn’t just a technical obligation—it’s a moral one. Companies handling sensitive personal data, especially of the [...]

Read More

Data Governance Update: New Data Bill Aims to Shape the Future of the UK Data Landscape

By |2024-10-29T11:02:35+00:00October 29th, 2024|

It’s been a while since we’ve provided an update on data governance and the long awaited DPDI, because since the election there has been little in the way of news. However, last week it was announced that under the new government, DPDI has morphed into the Data Use and Access Bill. Unveiled by the Department for Science, Innovation, and Technology, this bill is positioned to integrate technology and data protection into the economy’s core, fostering economic growth, streamlining public services, and enriching lives. With an expected £10 billion economic boost projected over a decade, the Bill is set to transform how data is used across sectors. The DMA has actively participated in discussions around the Bill, advocating for provisions that [...]

Read More

Ensuring Data Accuracy in the Age of AI: A Lesson from AI-Generated Mistakes from across the Pond

By |2024-08-07T09:55:32+00:00August 7th, 2024|

In recent months, significant incidents have highlighted the pitfalls of AI when it comes to maintaining data accuracy in public records. These events serve as a crucial reminder of the importance of data hygiene, particularly for organisations that rely on precise data processing. The Incident: Pregnant Woman Wrongly Accused One notable incident involved a pregnant woman in Detroit who was falsely arrested based on AI-generated evidence. Porcha Woodruff, eight months pregnant at the time, was wrongly identified by an AI system as a suspect in a carjacking case. This led to her wrongful arrest and detention for 11 hours, causing her significant emotional distress and physical complications leading to hospitalisation. This case is part of a broader pattern, with several [...]

Read More

A Data Protection Update

By |2024-06-04T08:32:56+00:00June 4th, 2024|

Last week marked the sixth anniversary of the General Data Protection Regulation (GDPR), a landmark in data protection that revolutionised how personal data is handled across Europe. However, as many people reflect on GDPR's impact, the future of data protection regulation in the UK hangs in the balance following the recent mothballing of the Data Protection & Digital Information Bill (DPDI). The Demise of DPDI The Government’s decision to exclude the DPDI from its “wash up” process, a fast-track mechanism for essential legislation before Parliament is dissolved, has led to significant uncertainty. Initially introduced in 2021, the DPDI aimed to modernise the UK's data protection framework. However, it was still navigating the committee stage in the House of Lords when [...]

Read More

Top 10 sectors that fail to report data breaches revealed

By |2024-05-24T11:34:57+00:00May 24th, 2024|

As we ‘celebrate’ the 6th birthday of GDPR a new study finds that over half of all data breaches in the UK in 2023 were not reported within the required 72-hour window. The report from Hayes Connor revealed the sectors with the worst track record. These were: Local Government: 51.32% General Business: 49.16% Marketing: 47.50% Justice: 47.06% Regulators: 46.81% Membership Associations: 46.67% Online Technology and Telecoms: 45.37% Media: 45.16% Central Government: 44.57% Retail and Manufacture: 43.94% Failing to report a breach within this timeframe can result in significant fines of up to £17.5 million or 4% of global turnover, whichever is higher. However, in practice, most firms receive minimal penalties. A key finding of the research is that in the [...]

Read More
Go to Top