Critical internet resources

Vodafone restores UK network after major outage

Vodafone says its nationwide network outage that left thousands across the UK without broadband and mobile data has been fully resolved. The disruption, which began on Monday afternoon, triggered over 130,000 complaints to Downdetector as customers reported losing internet access.

The company confirmed that a software error from one of its vendors had caused the problem but stressed it was not the result of a cyberattack. Vodafone apologised and said the network had fully recovered after engineers implemented fixes late on Monday night.

Industry experts warned that the outage highlighted the need for stronger digital resilience. Analysts said businesses relying on Vodafone likely suffered missed deadlines and financial losses, with many expected to seek compensation.

The fault also impacted UK customers of Voxi, Lebara, and Talkmobile, which operate on Vodafone’s infrastructure. Cloudflare data showed Vodafone traffic temporarily dropped to zero, effectively cutting the network off from the internet for over an hour.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Amazon expands Project Kuiper with new satellite launches

Amazon’s Project Kuiper is moving ahead with its global satellite internet network, adding another 24 satellites to orbit as part of its ongoing deployment plan.

The latest mission, known as KF-03, is scheduled for today, launching on a SpaceX Falcon 9 rocket from Cape Canaveral Space Force Station in Florida.

The KF-03 launch will bring the total number of Kuiper satellites to 153, furthering the plan of Amazon to build a low Earth orbit constellation of more than 3,200 spacecraft.

Once deployed at an altitude of 289 miles, the satellites will undergo health checks before being raised to their operational orbit of 392 miles. The mission marks Amazon’s third collaboration with SpaceX as part of over 80 launches planned for the project.

Earlier missions in 2025 included deployments using both SpaceX Falcon 9 and ULA Atlas V rockets. The first launch in April carried 27 satellites, followed by additional missions in June, July, August and September.

Each operation has strengthened the foundation of Kuiper’s network, which aims to provide reliable internet connectivity to customers and communities worldwide.

Amazon’s Project Kuiper represents a major investment in global connectivity infrastructure, with its Kennedy Space Center facility in Florida supporting multiple launch campaigns simultaneously.

Once complete, the system is expected to compete with other satellite internet networks by expanding digital access across underserved regions.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Age verification and online safety dominate EU ministers’ Horsens meeting

EU digital ministers are meeting in Horsens on 9–10 October to improve the protection of minors online. Age verification, child protection, and digital sovereignty are at the top of the agenda under the Danish EU Presidency.

The Informal Council Meeting on Telecommunications is hosted by the Ministry of Digital Affairs of Denmark and chaired by Caroline Stage. European Commission Executive Vice-President Henna Virkkunen is also attending to support discussions on shared priorities.

Ministers are considering measures to prevent children from accessing age-inappropriate platforms and reduce exposure to harmful features like addictive designs and adult content. Stronger safeguards across digital services are being discussed.

The talks also focus on Europe’s technological independence. Ministers aim to enhance the EU’s digital competitiveness and sovereignty while setting a clear direction ahead of the Commission’s upcoming Digital Fairness Act proposal.

A joint declaration, ‘The Jutland Declaration’, is expected as an outcome. It will highlight the need for stronger EU-level measures and effective age verification to create a safer online environment for children.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Discord incident highlights growing vendor security risks

A September breach at one of Discord’s customer service vendors has exposed user data, highlighting the growing cybersecurity risks associated with third-party providers. Attackers exploited vulnerabilities in the external platform, but Discord’s core systems were not compromised.

Exposed information includes usernames, email addresses, phone numbers, and partial payment details, such as the last four digits of credit card numbers. No full card numbers, passwords, or messages were accessed, which limited the scope of the incident compared to more severe breaches.

Discord revoked the vendor’s system access, launched an investigation, and engaged law enforcement and forensic experts. Only users who contacted support were affected. Individuals impacted are being notified by email and advised to remain vigilant for potential scams.

The incident underscores the growing risk of supply chain attacks, where external service providers become weak points in otherwise well-secured organisations. As companies rely more on vendors, attackers are increasingly targeting these indirect pathways.

Cybersecurity analysts warn that third-party breaches are on the rise amid increasingly sophisticated phishing and AI-enabled scams. Strengthening vendor oversight, improving internal training, and maintaining clear communication with users are seen as essential next steps.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

New report finds IT leaders unprepared for evolving cyber threats

A new global survey by 11:11 Systems highlights growing concerns among IT leaders over cyber incident recovery. More than 800 senior IT professionals across North America, Europe, and the Asia Pacific report a rising strain from evolving threats, staffing gaps, and limited clean-room infrastructure.

Over 80% of respondents experienced at least one major cyberattack in the past year, with more than half facing multiple incidents. Nearly half see recovery planning complexity as their top challenge, while over 80% say their organisations are overconfident in their recovery capabilities.

The survey also reveals that 74% believe integrating AI could increase cyberattack vulnerability. Despite this, 96% plan to invest in cyber incident recovery within the next 12 months, underlining its growing importance in budget strategies.

The financial stakes are high. Over 80% of respondents reported spending at least six figures during just one hour of downtime, with the top 5% incurring losses of over one million dollars per hour. Yet 30% of businesses do not test their recovery plans annually, despite these risks.

11:11 Systems’ CTO Justin Giardina said organisations must adopt a proactive, AI-driven approach to recovery. He emphasised the importance of advanced platforms, secure clean rooms, and tailored expertise to enhance cyber resilience and expedite recovery after incidents.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Policy hackathon shapes OpenAI proposals ahead of EU AI strategy

OpenAI has published 20 policy proposals to speed up AI adoption across the EU. Released shortly before the European Commission’s Apply AI Strategy, the report outlines practical steps for member states, businesses, and the public sector to bridge the gap between ambition and deployment.

The proposals originate from Hacktivate AI, a Brussels hackathon with 65 participants from EU institutions, governments, industry, and academia. They focus on workforce retraining, SME support, regulatory harmonisation, and public sector collaboration, highlighting OpenAI’s growing policy role in Europe.

Key ideas include Individual AI Learning Accounts to support workers, an AI Champions Network to mobilise SMEs, and a European GovAI Hub to share resources with public institutions. OpenAI’s Martin Signoux said the goal was to bridge the divide between strategy and action.

Europe already represents a major market for OpenAI tools, with widespread use among developers and enterprises, including Sanofi, Parloa, and Pigment. Yet adoption remains uneven, with IT and finance leading, manufacturing catching up, and other sectors lagging behind, exposing a widening digital divide.

The European Commission is expected to unveil its Apply AI Strategy within days. OpenAI’s proposals act as a direct contribution to the policy debate, complementing previous initiatives such as its EU Economic Blueprint and partnerships with governments in Germany and Greece.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Breach at third-party support provider exposes Discord user data

Discord has disclosed a security incident after a third-party customer service provider was compromised. The breach exposed personal data from users who contacted Discord’s support and Trust & Safety teams.

An unauthorised party accessed the provider’s ticketing system and targeted user data in an extortion attempt. Discord revoked access, launched an investigation with forensic experts, and notified law enforcement. Impacted users will be contacted via official email.

Compromised information may include usernames, contact details, partial billing data, IP addresses, customer service messages, and limited government-ID images. Passwords, authentication data, and full credit card numbers were not affected.

Discord has notified data protection authorities and strengthened security controls for third-party providers. It has also reviewed threat detection systems to prevent similar incidents.

The company urges affected users to remain vigilant against suspicious messages. Service agents are available to answer questions and provide additional support.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Meta unveils Candle cable to boost Asia-Pacific connectivity

Meta has announced Candle, a new submarine cable system designed to enhance digital connectivity across East and Southeast Asia. The 8,000-kilometre network will link Japan, Taiwan, the Philippines, Indonesia, Malaysia, and Singapore by 2028, offering a record 570 terabits per second (Tbps) of capacity.

Developed with regional telecommunications partners, Candle will use advanced 24 fibre-pair technology to deliver Meta’s largest bandwidth performance in the Asia-Pacific region.

The company also confirmed progress on several other subsea infrastructure projects. The Bifrost cable now connects Singapore, Indonesia, the Philippines, and the United States, with Mexico expected to join by 2026, adding 260 Tbps of new capacity.

Meanwhile, Echo currently links Guam and California with the same bandwidth, and Apricot has gone live between Japan, Taiwan, and Guam, with future extensions planned to Southeast Asia.

Together, Candle, Bifrost, Echo, and Apricot will improve intra-Asian connectivity and strengthen digital bridges between Asia and the Americas. These projects are part of Meta’s global network investments, including Project Waterworth and 2Africa, aimed at expanding access to AI and digital infrastructure.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

Oracle systems targeted in unverified data theft claims, Google warns

Google has warned that hackers are emailing company executives, claiming to have stolen sensitive data from Oracle business applications. The group behind the campaign identifies itself as affiliated with the Cl0p ransomware gang.

In a statement, Google said the attackers target executives at multiple organisations with extortion emails linked to Oracle’s E-Business Suite. The company stated that it lacks sufficient evidence to verify the claims or confirm whether any data has been taken.

Neither Cl0p nor Oracle responded to requests for comment. Google did not provide additional information about the scale or specific campaign targets.

The cl0p ransomware gang has been involved in several high-profile extortion cases, often using claims of data theft to pressure organisations into paying ransoms, even when breaches remain unverified.

Google advised recipients to treat such messages cautiously and report any suspicious emails to security teams while investigations continue.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

NIST pushes longer passphrases and MFA over strict rules

The US National Institute of Standards and Technology (NIST) has updated its password guidelines, urging organisations to drop strict complexity rules. NIST states that requirements such as mandatory symbols and frequent resets often harm usability without significantly improving security.

Instead, the agency recommends using blocklists for breached or commonly used passwords, implementing hashed storage, and rate limiting to resist brute-force attacks. Multi-factor authentication and password managers are encouraged as additional safeguards.

Password length remains essential. Short strings are easily cracked, but users should be allowed to create longer passphrases. NIST recommends limiting only extremely long passwords that slow down hashing.

The new approach replaces mandatory resets with changes triggered only after suspected compromise, such as a data breach. NIST argues this method reduces fatigue while improving overall account protection.

Businesses adopting these guidelines must audit their existing policies, reconfigure authentication systems, deploy blocklists, and train employees to adapt accordingly. Clear communication of the changes will be key to ensuring compliance.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!