Criminal Records Office Hit By A "Cyber Incident”

Uploaded on 2023-04-12 in BUSINESS-Services-Law, FREE TO VIEW, GOVERNMENT-Law Enforcement

The process of securing an overseas visa has been thrown into disarray after the UK Criminal Records Office (ACRO) was hit with a two-month cyber security “incident” resulting in a backlogs of visa applications waiting for criminal clearance after the cyber incident impacted services for two months.

ACRO is a policing service that provides certificates to Britons with details of their criminal records to attach to visa applications when applying to travel and work abroad.

ACRO has been struggling to recover from a cyber event since January 17. An email sent to customers impacted by the operational issue reportedly claimed that their data may have been exposed, although the nature of the incident has not yet been disclosed.

This could mean highly sensitive data including “identification information and any criminal conviction data” could be in the hands of criminal extortionists.

Tweets from ACRO since January hint at problems for the unit. On February 9 it blamed a ‘technical issue’ for a website outage, and a fortnight later claimed that police certificates were taking longer to process due to ‘heavy demand.’ By March 21, ACRO had returned to blaming ‘essential website maintenance’ for the website outage. A note on the official website asks customers for patience as it “works through our technical issues” and requests applicants send an email to the office.

The incident is understood to have caused significant backlogs in the processing of essential police certificates, without which applicants are unable to obtain work or residence visas for many foreign countries.

There is currently no evidence that personal data or payment information has been affected by the incident. ACRO is currently working with authorities to investigate the incident further. The organisation’s website is currently displaying a single page with essential customer information only, directing them to ACRO’s Twitter account for up-to-date guidance.

 ITPro:     Yahoo:      The Register:    The Record:      Standard:     Infosecurity Magazine:    DigitFY:

You Might Also Read: 

US Federal Court Court IT Systems Breached:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 

Cyber Security Intelligence: Captured Organised & Accessible

 

« Increasing Cyber Attacks On Critical Infrastructure
Japan’s Leading Companies Exposed To Ransomware »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CERT-FR

CERT-FR

CERT-FR is the French national government computer security incident response team.

Ethio-CERT

Ethio-CERT

National Cyber Emergency Readiness and Response Team of Ethiopia.

Certego

Certego

Certego is a company of the VEM Sistemi Group specialised in providing managed computer security services and to combat Cyber Crime.

CryptoCodex

CryptoCodex

Cryptocodex has developed Counter-Fight, the most advanced, yet simple to implement, counterfeit detection system.

Avansic

Avansic

Avansic is a leading provider of e-discovery and digital forensics services to attorneys, litigation support teams, and business communities.

Kivu Consulting

Kivu Consulting

Kivu Consulting combines technical and legal expertise to deliver data breach response, investigative, discovery and forensic solutions worldwide.

TorGuard

TorGuard

TorGuard is a Virtual Private Network services provider offering secure encrypted access to the internet.

ITU Arab Regional Cyber Security Center (ITU-ARCC)

ITU Arab Regional Cyber Security Center (ITU-ARCC)

ITU-ARCC acts as ITU’s cybersecurity hub in the Arab Region localizing and coordinating cybersecurity initiatives.

National Cyber Security Agency (NACSA) Malaysia

National Cyber Security Agency (NACSA) Malaysia

NACSA is the leading government agency in Malaysia responsible for the development and implementation of national cyber security management policie and strategies.

Zephyr Project

Zephyr Project

The Zephyr Project strives to deliver the best-in-class RTOS for connected resource-constrained devices, built to be secure and safe.

Unit 42

Unit 42

Unit 42 brings together world-renowned threat researchers, incident responders and security consultants to create an intelligence-driven, response-ready organization.

Hushmesh

Hushmesh

Hushmesh is a start-up aimed at securing the world’s digital infrastructure by developing develop the Mesh, a global information space with automated security built in.

Axians

Axians

Axians supports its customers in their digital transformation journey. We offer ICT solutions and services in areas including Enterprise Networks and Cybersecurity.

Cybervergent

Cybervergent

Cybervergent (formerly Infoprive) are a leading cybersecurity technology company in Africa. We provide cybersecurity guidance and solutions that help protect your business.

Lighthouse IT

Lighthouse IT

At Lighthouse IT, we are focused on delivering seamless and reliable services to unlock the value of technology for your business.

Cyphershield

Cyphershield

Cypershield is a Security and Smart Contract audit company providing professional smart contract auditing services for varied Crypto projects.