Criminal Records Office Hit By A "Cyber Incident”

Uploaded on 2023-04-12 in BUSINESS-Services-Law, FREE TO VIEW, GOVERNMENT-Law Enforcement

The process of securing an overseas visa has been thrown into disarray after the UK Criminal Records Office (ACRO) was hit with a two-month cyber security “incident” resulting in a backlogs of visa applications waiting for criminal clearance after the cyber incident impacted services for two months.

ACRO is a policing service that provides certificates to Britons with details of their criminal records to attach to visa applications when applying to travel and work abroad.

ACRO has been struggling to recover from a cyber event since January 17. An email sent to customers impacted by the operational issue reportedly claimed that their data may have been exposed, although the nature of the incident has not yet been disclosed.

This could mean highly sensitive data including “identification information and any criminal conviction data” could be in the hands of criminal extortionists.

Tweets from ACRO since January hint at problems for the unit. On February 9 it blamed a ‘technical issue’ for a website outage, and a fortnight later claimed that police certificates were taking longer to process due to ‘heavy demand.’ By March 21, ACRO had returned to blaming ‘essential website maintenance’ for the website outage. A note on the official website asks customers for patience as it “works through our technical issues” and requests applicants send an email to the office.

The incident is understood to have caused significant backlogs in the processing of essential police certificates, without which applicants are unable to obtain work or residence visas for many foreign countries.

There is currently no evidence that personal data or payment information has been affected by the incident. ACRO is currently working with authorities to investigate the incident further. The organisation’s website is currently displaying a single page with essential customer information only, directing them to ACRO’s Twitter account for up-to-date guidance.

 ITPro:     Yahoo:      The Register:    The Record:      Standard:     Infosecurity Magazine:    DigitFY:

You Might Also Read: 

US Federal Court Court IT Systems Breached:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 

Cyber Security Intelligence: Captured Organised & Accessible

 

« Increasing Cyber Attacks On Critical Infrastructure
Japan’s Leading Companies Exposed To Ransomware »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

TrustedSec

TrustedSec

TrustedSec is an information security consulting services, providing tailored solutions and services for small, mid, and large businesses.

I-Tracing

I-Tracing

I-TRACING are experts in IT security, specialized in legal compliance of information systems, security of information systems, and the collection of digital evidence and traces.

CamCERT

CamCERT

CamCERT is the national Computer Emergency Response Team for Cambodia.

Automation & Cyber Solutions (ACS)

Automation & Cyber Solutions (ACS)

Automation & Cyber Solutions delivers a range of Industrial Automation and Cyber solutions & services to sectors including Oil & Gas, Chemicals & Petrochemicals, Power and others.

Alpine Cyber Solutions

Alpine Cyber Solutions

Alpine Cyber is a Managed IT Service Provider focused on cybersecurity and cloud services.

ValidSoft

ValidSoft

ValidSoft is a security software company, providing telecommunications-based multi-factor authentication, identity and transaction verification technology.

Forever Group

Forever Group

Forever Group is a Managed Services Provider specialising in Telecommunications, IT Support, and Cyber Security.

Stairwell

Stairwell

Stairwell is building a new approach to cybersecurity around a vision that all security teams should be able to determine what’s good, what’s bad, and why.

Canopius Group

Canopius Group

Canopius is a global specialty lines insurance and reinsurance company and one of the top 10 insurers in the Lloyd’s insurance market.

Primus Institute of Technology

Primus Institute of Technology

At Primus Institute of Technology our mission is to inspire, support, and empower current and aspiring IT professionals through training and career development workshops.

Ostrich Cyber-Risk

Ostrich Cyber-Risk

Ostrich Cyber-Risk is a risk management company that helps organizations reduce the complexity of identifying financial and operational risks related to your cybersecurity posture.

GoTo

GoTo

At GoTo we help people and businesses to connect and collaborate simply and securely – from anywhere. We’re the trusted partner for companies of all sizes.

Kodem Security

Kodem Security

Our mission is to make AppSec simple. Meet the world’s first dynamic software composition analysis platform. Only Kodem uses runtime intelligence to determine application risk.

Simbian

Simbian

Simbian, with its hardened TrustedLLM system, is the first to accelerate security by empowering every member of a security team from the C-Suite to frontline practitioners.

Token

Token

Token is changing the way our customers secure their organizations by providing passwordless, biometric, multifactor authentication.

Efex

Efex

Efex is one of Australia’s leading Managed Technology Solutions providers. We service local companies across Australia, providing accessible, fast and straightforward IT.