Blog Posts
July 2, 2025
UK Data Protection Regulator Fines 23andMe ~$3.1 Million Following Credential Stuffing Attack
Related News & Insights
-
Blog Posts December 21, 2020UK ICO Publishes New Data Sharing Code
On December 17, 2020, the UK Information Commissioner’s Office (‘ICO’) published its Data Sharing Code of Practice (the ‘Code’) following a public consultation which commenced in 2019. The Code focuses mainly on data sharing among data controllers who are subject to the GDPR and the UK Data Protection Act (‘DPA’) 2018. Data controllers falling within […]
The post UK ICO Publishes New Data Sharing Code appeared first on Alston & Bird Privacy Blog.
-
Blog Posts May 6, 2025UK Data Protection Regulator Fines UK Law Firm ~$80,000 Following Ransomware Incident
On April 14, 2025, the UK data protection regulator (the Information Commissioner’s Office (“ICO”)) fined DPP Law (“DPP”) £60,000 (approximately $80,000) following a ransomware incident. In its penalty notice, the ICO found that DPP failed to implement appropriate technical and organisational measures, as required by Article 5(1)(f) and Article 32 UK GDPR. This is the […]
The post UK Data Protection Regulator Fines UK Law Firm ~$80,000 Following Ransomware Incident appeared first on Alston & Bird Privacy, Cyber & Data Strategy Blog.
-
Blog Posts April 4, 2025UK’s Data Protection Regulator fines a UK SaaS provider ~$4 million following a ransomware incident
On March 26, 2025, the UK data protection regulator (the Information Commissioner’s Office (“ICO”)) fined Advanced Computer Software Group Ltd (“Advanced”) £3.07 million (approximately $4 million). In 2022, Advanced suffered a ransomware incident that put the personal data of 79,404 people at risk. In its penalty notice, the ICO found that Advanced failed to implement […]
The post UK’s Data Protection Regulator fines a UK SaaS provider ~$4 million following a ransomware incident appeared first on Alston & Bird Privacy, Cyber & Data Strategy Blog.
-
Blog Posts November 7, 2022UK’s National Cyber Security Centre Releases 2022 Annual Review
The United Kingdom’s National Cyber Security Centre (NCSC) recently released its 2022 Annual Review, which reports on the state of cyber security threats in the country. As the UK’s technical authority for cyber security, the NCSC releases an annual report covering the cyber threats from the prior 12 months as well as analysis of potential […]
The post UK’s National Cyber Security Centre Releases 2022 Annual Review appeared first on Alston & Bird Privacy, Cyber & Data Strategy Blog.
-
Blog Posts July 13, 2022UK Information Commissioner’s Office Issues Warning on Ransomware Payments
On July 8, 2022, the UK Information Commissioner’s Office (UK ICO) together with the UK National Cyber Security Centre (NCSC), published a joint letter asking the Law Society of England & Wales to remind its members that they should not advise clients to pay ransomware demands should they fall victim to a cyber-attack. The Law […]
The post UK Information Commissioner’s Office Issues Warning on Ransomware Payments appeared first on Alston & Bird Privacy, Cyber & Data Strategy Blog.
Media Contact