Security shortfalls exposing data

In our previous cyber round-up, we reported a vulnerability discovered in Moltbook, a social networking platform designed for AI agents, which resulted in exposed data and permitted both read and write access to sensitive information.

This month, Companies House suspended its online WebFiling system after identifying a vulnerability that permitted users to view and alter confidential information – including the personal details of company directors – and upload or delete filings for any company on the platform by logging in.

The extent to which company dashboards were accessed or impacted remains undetermined; however, reports indicate that the vulnerability originated with a system update implemented in October 2025.

Andy King, Chief Executive Officer of Companies House, issued a statement urging all companies to review their registered details and filing history to ensure accuracy. Companies are also encouraged to submit complaints should any discrepancies be discovered.

Criminals are looking for long-term targets

Recent research in cyber risks, by cyber risk solutions company Resilience found that cyber criminals are increasingly looking to sustained impacts and strategies; stealing sensitive information, threatening to release it, and demanding ransom payments as a result. Consequently, organisations that fail to secure their data could face significant consequences if it ends up in the wrong hands.

Indeed, the lasting effects of cyber-attacks involving stolen data are becoming increasingly evident. Earlier this month, the BBC revealed that around 10m people had their personal information, including names, addresses, and phone numbers, compromised in the September 2024 cyber-attack on Transport for London (TfL).

Although TfL initially stated that only around 5,000 customers faced a higher risk, later investigations showed that far more individuals were affected, prompting TfL to email over 7m people notifying them about the breach. Even though individual risk remains minimal, such data breaches often raise the chances for affected individuals of subsequently being targeted by further hacks or scams.

More broadly, the government is also implementing measures to address the risk of data leakage in the public sector. Reviews of a monitoring service launched earlier this year as part of the ‘Blueprint for modern digital government’ have found that the service has expedited the identification and resolution of security shortfalls and weaknesses in public sector websites.

To further enhance these efforts, the government has now announced plans to recruit and train cyber professionals specifically tasked with overseeing cybersecurity in the public sector through a newly established 'Cyber Profession.'

Deepfakes in the spotlight

There has been a noticeable increase in AI-generated deepfakes that imitate public figures and disseminate false information on social media platforms, including Meta. A recent investigation into deepfakes of Welsh politicians revealed that many originate from overseas, and several popular Facebook pages publishing the misleading content were based in Vietnam.

Although current research suggests minimal evidence of deepfakes or disinformation influencing past general elections, the growing accessibility of deepfake creation through AI-powered technology is raising concerns.

An oversight group, established by Meta itself, has also expressed concerns about the growing number of deepfakes and AI-generated fake videos on the platform. They recommend that the social media site should take further steps to clearly identify and, when necessary, remove such AI-created content. Although Meta has taken down some pages, new ones promoting deepfakes and misinformation continue to appear quickly on the platform.

Deepfakes are not just a social media problem. AI-based tools that can create and personalise scams are now inexpensive and easy to use at scale, as reported by experts who have created an AI Incident Database.

Indeed, there has been a noticeable rise in scam operations originating from Southeast Asia that are employing AI and deepfake technology. As a result, the UK launched a global taskforce at the Global Fraud Summit this month in collaboration with INTERPOL to address these scam operations, initially prioritising the dismantling of criminal groups throughout Southeast Asia that are increasingly contributing to worldwide fraud.

Rising cyber threats during wartime

Recent developments in the Middle East have raised concerns regarding the potential use of cyber operations to cause disruption. Earlier this month, Iranian hackers claimed responsibility for a significant cyber-attack on Stryker, a U.S. medical technology company and a supplier to the NHS. Similarly, experts have cautioned that there may be an elevated risk of cyber-attacks targeting national infrastructure in the UK as a consequence of the ongoing situation.

Although there has not been a significant increase in direct cyber threats from Iran to the UK, the National Cyber Security Centre (NCSC) recently issued an alert urging UK organisations to reassess their cyber security measures. The risk of indirect cyber-attacks has increased, especially for those operating in the Middle East or with supply chain connections there. The NCSC provides guidance on what steps to take when the cyber threat is heightened, such as reviewing basic cyber security principles and securing devices, networks, and systems.