www.theregister.com
Open in
urlscan Pro
104.18.5.22
Public Scan
Submitted URL: https://go.reg.cx/tdml/248fda/64583b7f/635aca30/484t?utm_source=daily&utm_medium=newsletter&utm_content=article
Effective URL: https://www.theregister.com/2023/04/06/acro_security_incident/?utm_source=daily&utm_medium=newsletter&utm_content=article
Submission: On April 11 via manual from GB — Scanned from GB
Effective URL: https://www.theregister.com/2023/04/06/acro_security_incident/?utm_source=daily&utm_medium=newsletter&utm_content=article
Submission: On April 11 via manual from GB — Scanned from GB
Form analysis 2 forms found in the DOM
POST /CBW/custom
<form id="RegCTBWFAC" action="/CBW/custom" class="show_regcf_custom" method="POST">
<h5>Manage Cookie Preferences</h5>
<ul>
<li>
<label>
<input type="checkbox" disabled="disabled" checked="checked" name="necessary" value="necessary">
<strong>Necessary</strong>. <strong>Always active</strong>
</label>
<label for="accordion_necessary" class="accordion_toggler">Read more<img width="7" height="10" alt="" src="/design_picker/d2e337b97204af4aa34dda04c4e5d56d954b216f/graphics/icon/arrow_down_grey.svg" class="accordion_arrow"></label>
<div class="accordion">
<input type="checkbox" id="accordion_necessary">
<p class="accordion_info"> These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect. </p>
</div>
</li>
<li>
<label>
<input type="checkbox" name="tailored_ads" value="tailored_ads">
<strong>Tailored Advertising</strong>. </label>
<label for="accordion_advertising_tailored_ads" class="accordion_toggler">Read more<img width="7" height="10" alt="" src="/design_picker/d2e337b97204af4aa34dda04c4e5d56d954b216f/graphics/icon/arrow_down_grey.svg"
class="accordion_arrow"></label>
<div class="accordion">
<input type="checkbox" id="accordion_advertising_tailored_ads">
<p class="accordion_info"> These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers,
and in some cases selecting advertisements that are based on your interests. </p>
</div>
</li>
<li>
<label>
<input type="checkbox" name="analytics" value="analytics">
<strong>Analytics</strong>. </label>
<label for="accordion_analytics" class="accordion_toggler">Read more<img width="7" height="10" alt="" src="/design_picker/d2e337b97204af4aa34dda04c4e5d56d954b216f/graphics/icon/arrow_down_grey.svg" class="accordion_arrow"></label>
<div class="accordion">
<input type="checkbox" id="accordion_analytics">
<p class="accordion_info"> These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our
sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance. </p>
</div>
</li>
</ul> See also our <a href="https://www.theregister.com/Profile/cookies/">Cookie policy</a> and <a href="https://www.theregister.com/Profile/privacy/">Privacy policy</a>. <input type="submit" value="Accept Selected" class="reg_btn_primary"
name="accept" id="RegCTBWFBAC">
</form>POST /CBW/all
<form id="RegCTBWFAA" action="/CBW/all" method="POST" class="hide_regcf_custom">
<input type="submit" value="Accept All Cookies" name="accept" class="reg_btn_primary" id="RegCTBWFBAA">
</form>Text Content
Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”. REVIEW AND MANAGE YOUR CONSENT Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer. MANAGE COOKIE PREFERENCES * Necessary. Always active Read more These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect. * Tailored Advertising. Read more These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests. * Analytics. Read more These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance. See also our Cookie policy and Privacy policy. Customize Settings Sign in / up TOPICS Security SECURITY All SecurityCyber-crimePatchesResearchCSO (X) Off-Prem OFF-PREM All Off-PremEdge + IoTChannelPaaS + IaaSSaaS (X) On-Prem ON-PREM All On-PremSystemsStorageNetworksHPCPersonal Tech (X) Software SOFTWARE All SoftwareAI + MLApplicationsDatabasesDevOpsOSesVirtualization (X) Offbeat OFFBEAT All OffbeatDebatesColumnistsScienceGeek's GuideBOFHLegalBootnotesSite NewsAbout Us (X) Special Features SPECIAL FEATURES Spotlight on Databases Defense Tech Week Energy Efficient Datacenters VENDOR VOICE Vendor Voice VENDOR VOICE All Vendor VoiceAmazon Web Services (AWS) Business TransformationDDNElasticGoogle Cloud for Startups (X) Resources RESOURCES Whitepapers Webinars Newsletters CYBER-CRIME 19 CRIMINAL RECORDS OFFICE YANKS WEB PORTAL OFFLINE AMID 'CYBER SECURITY INCIDENT' 19 ACRO SAYS PAYMENT DATA SAFE, OTHER INFO MAY HAVE BEEN SNAFFLED Paul Kunert Thu 6 Apr 2023 // 08:30 UTC ACRO, the UK's criminal records office, is combing over a "cyber security incident" that forced it to pull its customer portal offline. As the name implies, the government agency manages people's criminal record information, running checks as needed on individuals for any convictions, cautions, or ongoing prosecutions. It doesn't just work with British police and businesses: it exchanges this data with other countries. This data, used by employers vetting potential hires and embassies processing visa applications, is drawn from UK's Police National Computer via an information sharing agreement ACRO has with the Cabinet Office. The data input typically includes a decade's worth of name and address history, extended family information, a new foreign address, legal representation, passport information, photo and data PIN cautions, reprimands, arrests, charges or convictions. > We are very sorry that because of your interaction with ACRO your data could > have been affected In an email to users this week – seen by El Reg – ACRO confirmed it has "recently been made aware of a cyber security incident affecting the website between 17th January 2023 and 21 March 2023." "At this time," it added, "we have no conclusive evidence that personal data has been affected by the cyber security incident; however it is only right that we inform you of the situation. We are very sorry that because of your interaction with ACRO your data could have been affected, and we are working tirelessly to resolve this matter." "As soon as ACRO was made aware of this incident, we took robust action to take the customer portal offline so that we could fully investigate," the message continued. The website right now tells visitors: "Thank you for you patience as we work through our technical issues." ACRO lists where users can obtain application forms for Police or International Child Protection Certificates. A quick check on Twitter shows ACRO customer service noted on March 21 that the website was unavailable due to maintenance, and appears to have been down since with one further update on March 31. Those who got the email were using ACRO's services as a direct applicant; "in support of an application as a nominated endorser; or a professional administering the application for and with the applicant." ACRO said there "does not appear to be any potential risk to your payment information" or to the information or certificates that were dispatched following the application. "The personal data which could have been affected is any information you supplied to us, including identification information and any criminal conviction data." It added: "If you had a nominated endorser, professional or other third party, their name, relationship to the applicant, occupation, phone numbers, email address and case reference number could have been affected." * Psst! Infosec bigwigs: Wanna be head of security at HM Treasury for £50k? * Leaked Guntrader firearms data file shared. Worst case scenario? Criminals plot UK gun owners' home addresses in Google Earth * UK data watchdog fines government office for disclosing New Year's gong list * Telegraph newspaper bares 10TB of subscriber data and server logs to world+dog * Capita: Cyber-attack broke some of our IT systems * UK Ministry of Defence takes recruitment system offline, confirms data leak Britain's privacy watchdog the ICO was informed of the snafu, says ACRO, which is also working with the National Cyber Security Centre (NCSC) – an offshoot of intelligence nerve-center GCHQ – to probe the matter. "We take data security very seriously and will ensure that the matter is fully investigated; part of the investigation will include learning how we can identify, prevent and block any future security threats," ACRO said in its email. We're not sure ACRO should be handing out security advice right now but in any case, it urged users to make sure they use "strong and unique passwords" for their online accounts and keep an eye out for suspicious activity, "for example potential phishing emails." On March 31, ACRO's Twitter account asked anyone who submitted an application form by email or mailed the dedicated mailboxes since the website went down to bear with it. "The website issue and manual processing of applications has created a backlog but we are allocating more resources to our customer service team and getting through the list as quickly as we possibly can," it noted. We asked the ACRO press office to comment on the intruders' point of system entry; what exactly these miscreants accomplished when on the inside for so long; for technical details of any malware used; if there is any word on the other data accessed; and if payment data was held on a separate system. A spokesperson at ACRO said they were unable to answer our questions as an investigation is ongoing, "but can confirm the website was taken down on 21st March." The other statements it made were already contained in the mea culpa to users. NCSC told us: "We are aware of an incident affecting ACRO Criminal Records Office and are working with them to fully understand the impact." The ICO said it is also aware of the incident and "making enquiries." ® Sponsored: Is cloud repatriation part of your multicloud strategy? Share SIMILAR TOPICS * Crime * Cybercrime * Data Breach More like these × SIMILAR TOPICS * Crime * Cybercrime * Data Breach * Police * Security NARROWER TOPICS * 2FA * Advanced persistent threat * Application Delivery Controller * Authentication * BEC * Black Hat * Bug Bounty * Common Vulnerability Scoring System * CSAM * Cybersecurity * Cybersecurity and Infrastructure Security Agency * Cybersecurity Information Sharing Act * Data Protection * Data Theft * DDoS * Digital certificate * Encryption * Exploit * Firewall * Hacker * Hacking * Identity Theft * Incident response * Infosec * Interpol * Kenna Security * NCSAM * NCSC * Palo Alto Networks * Password * Phishing * Quantum key distribution * Ransomware * Remote Access Trojan * REvil * RSA Conference * Spamming * Spyware * Surveillance * TLS * Trojan * Trusted Platform Module * Vulnerability * Wannacry * Zero trust SIMILAR TOPICS Share 19 COMMENTS SIMILAR TOPICS * Crime * Cybercrime * Data Breach More like these × SIMILAR TOPICS * Crime * Cybercrime * Data Breach * Police * Security NARROWER TOPICS * 2FA * Advanced persistent threat * Application Delivery Controller * Authentication * BEC * Black Hat * Bug Bounty * Common Vulnerability Scoring System * CSAM * Cybersecurity * Cybersecurity and Infrastructure Security Agency * Cybersecurity Information Sharing Act * Data Protection * Data Theft * DDoS * Digital certificate * Encryption * Exploit * Firewall * Hacker * Hacking * Identity Theft * Incident response * Infosec * Interpol * Kenna Security * NCSAM * NCSC * Palo Alto Networks * Password * Phishing * Quantum key distribution * Ransomware * Remote Access Trojan * REvil * RSA Conference * Spamming * Spyware * Surveillance * TLS * Trojan * Trusted Platform Module * Vulnerability * Wannacry * Zero trust TIP US OFF Send us news -------------------------------------------------------------------------------- OTHER STORIES YOU MIGHT LIKE UBER DRIVER INFO STOLEN YET AGAIN: THIS TIME FROM LAW FIRM Never mind software supply chain attacks, lawyers are the new soft target? Cyber-crime8 days | 13 CAN DO ATTITUDE: HOW THIEVES STEAL CARS USING NETWORK BUS It starts with a headlamp and fake smart speaker, and ends in an injection attack and a vanished motor Research5 days | 194 COPS PUT THE SQUEEZE ON GENESIS CRIME SOUK DENIZENS, NOT JUST THE ADMINS THIS TIME Feds managed to image entire backend server with full details Cyber-crime6 days | 1 TURNING GREEN WITH PROFESSIONAL-GRADE PCS Climate change negatively impacts our society, leaving businesses to find new ways to optimize business operations to reduce CO2 emissions Sponsored Feature COPS CUFF TEENAGE 'ROBIN HOOD HACKER' SUSPECTED OF PEDDLING STOLEN INFO Luxury cars and designer duds don't seem very prince of thieves Cyber-crime5 days | 24 PSST! INFOSEC BIGWIGS: WANNA BE HEAD OF SECURITY AT HM TREASURY FOR £50K? Juicy private sector job vs … money off a season travel ticket Security11 days | 77 UKRAINIAN COPS NAB SUSPECTS ACCUSED OF STEALING $4.3M FROM VICTIMS ACROSS EUROPE If the price looks too good to be true, it probably is Cyber-crime10 days | 13 LAWYERS COUGH UP $200K AFTER HEALTH DATA STOLEN IN MICROSOFT EXCHANGE PILLAGING In addition to $100k given to LockBit Security15 days | 8 HOW MUCH TO INFECT ANDROID PHONES VIA GOOGLE PLAY STORE? HOW ABOUT $20K Or whatever you managed to haggle with these miscreants Cyber-crime12 hrs | WESTERN DIGITAL CONFIRMS DIGITAL BURGLARY, CALLS THE COPS Thinks info from internal systems 'obtained' by miscreant, unsure of nature or scope data Cyber-crime8 days | 10 CAPITA: CYBER-ATTACK BROKE SOME OF OUR IT SYSTEMS Staff regain access to Microsoft apps, tech outsourcer still working to restore services for some Defense Tech Week8 days | 24 PRO-RUSSIA CYBER GANG WINTER VIVERN PUTS US, EURO LAWMAKERS IN LINE OF FIRE Winter is coming for NATO countries Security11 days | 9 The Register Biting the hand that feeds IT ABOUT US * Contact us * Advertise with us * Who we are OUR WEBSITES * The Next Platform * DevClass * Blocks and Files YOUR PRIVACY * Cookies Policy * Your Consent Options * Privacy Policy * T's & C's Copyright. All rights reserved © 1998–2023