Third Party Data Breaches Highlight the Need for Strong Vendor Security

October 20th, 2025

At The Software Bureau, we take information security seriously. Our recent retention of the ISO 27001:2022 certification reflects our ongoing commitment to protecting sensitive data and maintaining the highest standards of security across our operations. However, the recent data breach involving LNER’s customer communications database, managed by a third-party supplier (https://www.printweek.com/content/news/lner-data-accessed-in-customer-comms-breach), is a stark reminder that security must extend beyond internal systems. Reports indicate that unauthorised access was gained through a supplier, compromising customer data and raising serious concerns about vendor oversight. This incident reinforces a critical point: your organisation’s data security is only as strong as the weakest link in your supply chain. While The Software Bureau does not share any customer data with third parties, we [...]

The Data Breach Epidemic: A Wake-Up Call for Data Hygiene 

June 2nd, 2025

Earlier this month, cybersecurity researcher Jeremiah Fowler uncovered an unsecured database containing over 184 million login credentials. This trove included usernames and passwords for major platforms such as Google, Apple, Microsoft, Facebook, Instagram, and Snapchat, as well as sensitive data from bank accounts, health services, and government portals. Alarmingly, the database was unencrypted and publicly accessible, making it a "cybercriminal's dream". Closer to home, you can’t have missed M&S’ significant cyberattack, which led to the theft of customer data, including contact details and order histories. The breach disrupted online operations and is projected to cost the company approximately £300 million in lost operating profit. The attack was reportedly executed by the cybercriminal group Scattered Spider, exploiting vulnerabilities in third-party [...]

The Curious Case of AI-Generated Data Hacking: A Cautionary Tale

February 5th, 2024

In the ever-evolving landscape of cybersecurity, a bizarre new trend has emerged, blurring the lines between reality and fiction. Picture this: a hacking forum on a quiet Sunday, buzzing with the advertisement of a stolen data cache from Europcar. The claim? Over 48 million customers' personal information up for sale. The twist? The data might just be a figment of artificial intelligence's imagination, specifically conjured up by ChatGPT. Europcar's response was swift, with spokesperson Vincent Vevaud debunking the claim after a meticulous examination. The inconsistencies were glaring: The purported number of records didn't match Europcar's database. Sample data was likely AI-generated, featuring non-existent addresses, mismatched ZIP codes, and bizarre email domains. None of the email addresses were found in Europcar's [...]

Data Breach Debacle: Electoral Commission’s 300-Day Delay in UK’s Largest Hack in History!

August 10th, 2023

The ICO website clearly states that organisations suffering data breaches must report them within 72 hours of being made aware of the breach. Let's be clear: 72 hours. That equates to three days, not the 300 days it has taken the Electoral Commission to fess up to THE BIGGEST data breach in UK history. For those that have missed the headlines, the Electoral Commission reported a breach on 8th August 2023, having discovered in October 2022 that hackers had been playing fast and loose with its systems since August 2021. This includes unfettered access to the names and addresses of at least 40 million people registered to vote between 2014 and 2022. Oh dear. The eagle-eyed of you [...]
