M&S technology chief steps down after cyberattack

Marks & Spencer’s technology chief, Rachel Higham, has stepped down less than 18 months after joining the retailer from BT.

Her departure comes months after a cyberattack in April by Scattered Spider disrupted systems and cost the company around £300 million. Online operations, including click-and-collect, were temporarily halted before being gradually restored.

In a memo to staff, the company described Higham as a steady hand during a turbulent period and wished her well. M&S has said it does not intend to replace her role directly, leaving open questions over succession.

The retailer expects part of the financial hit to be offset by insurance. It has declined to comment further on whether Higham will receive a payoff.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

California moves to regulate AI companion chatbots to protect minors

The California State Assembly passed SB 243, advancing legislation making the state the first in the USA to regulate AI companion chatbots. The bill, which aims to safeguard minors and vulnerable users, passed with bipartisan support and now heads to the state Senate for a final vote on Friday.

If signed into law by Governor Gavin Newsom, SB 243 would take effect on 1 January 2026. It would require companies like OpenAI, Replika, and Character.AI to implement safety protocols for AI systems that simulate human companionship.

The law would prohibit such chatbots from engaging in conversations involving suicidal ideation, self-harm, or sexually explicit content. For minors, platforms must provide recurring alerts every three hours, reminding them that they are interacting with an AI and encouraging them to take breaks.

The bill also introduces annual transparency and reporting requirements, effective 1 July 2027. Users harmed by violations could seek damages of up to $1,000 per incident, injunctive relief and attorney’s fees.

The legislation follows the suicide of teen Adam Raine after troubling conversations with ChatGPT, and amid mounting scrutiny of AI’s impact on children. Lawmakers nationwide and the Federal Trade Commission (FTC) are increasing pressure on AI companies to bolster safeguards in the USA.

Though earlier versions of the bill included stricter requirements, like banning addictive engagement tactics, those provisions were removed. Still, backers say the final bill strikes a necessary balance between innovation and public safety.

AI and cyber priorities headline massive US defence budget bill

The US House of Representatives has passed an $848 billion defence policy bill with new provisions for cybersecurity and AI. Lawmakers voted 231 to 196 to approve the chamber’s version of the National Defence Authorisation Act (NDAA).

The bill mandates that the National Security Agency brief Congress on plans for its Cybersecurity Coordination Centre and requires annual reports from combatant commands on the levels of support provided by US Cyber Command.

It also calls for a software bill of materials for AI-enabled technology that the Department of Defence uses. The Pentagon will be authorised to create up to 12 generative AI projects to improve cybersecurity and intelligence operations.

An adopted amendment allows the NSA to share threat intelligence with the private sector to protect US telecommunications networks. Another requirement is that the Pentagon study the National Guard’s role in cyber response at the federal and state levels.

Proposals to renew the Cybersecurity Information Sharing Act and the State and Local Cybersecurity Grant Program were excluded from the final text. The Senate is expected to approve its version of the NDAA next week.

EU considers social media restrictions for minors

European Commission President Ursula von der Leyen announced that the EU is considering tighter restrictions on children’s access to social media platforms.

During her annual State of the Union address, von der Leyen said the Commission is closely monitoring Australia’s approach, where individuals under 16 are banned from using platforms like TikTok, Instagram, and Snapchat.

‘I am watching the implementation of their policy closely,’ von der Leyen said, adding that a panel of experts will advise her on the best path forward for Europe by the end of 2025.

Currently, social media age limits are handled at the national level across the EU, with platforms generally setting a minimum age of 13. France, however, is moving toward a national ban for those under 15 unless an EU-wide measure is introduced.

Several EU countries, including the Netherlands, have already warned against children under 15 using social media, citing health risks.

In June, the European Commission issued child protection guidelines under the Digital Services Act, and began working with five member states on age verification tools, highlighting growing concern over digital safety for minors.

Cyberattack hits LNER passenger data, investigation under way

The contact details of rail passengers have been stolen in a cyberattack affecting London North Eastern Railway (LNER). The company stated that it had been notified of unauthorised access to files managed by a third-party supplier and advised customers to be vigilant against phishing attempts.

LNER stressed that no bank details, card numbers, or passwords had been compromised. The York-based operator stated that it was collaborating with cybersecurity experts and the supplier to investigate the breach and ensure necessary safeguards.

The company did not confirm the number of passengers affected. The incident comes as LNER reported revenues exceeding £1 billion, yet it continues to rely on government support since its nationalisation in 2018.

Passenger complaints rose 12.2 percent in 2025, reaching 24,015, and competition from private operators is driving losses: online ticket platforms such as Trainline direct passengers to cheaper rivals, costing LNER significant revenue.

The breach follows other attacks on UK transport services, including a 2024 incident in which the bank details of 5,000 Transport for London customers were exposed, resulting in weeks of disrupted online services.

Cyberattack keeps JLR factories shut, hackers claim responsibility

Jaguar Land Rover (JLR) has confirmed that data was affected in a cyberattack that has kept its UK factories idle for more than a week. The company stated that it is contacting anyone whose data was involved, although it did not clarify whether the breach affected customers, suppliers, or internal systems.

JLR reported the incident to the Information Commissioner’s Office and immediately shut down IT systems to limit damage. Production at Midlands and Merseyside sites has been halted until at least Thursday, with staff instructed not to return before next week.

The disruption has also hit suppliers and retailers, with garages struggling to order spare parts and dealers facing delays registering vehicles. JLR said it is working around the clock to restore operations in a safe and controlled way, though the process is complex.

Responsibility for the hack has been claimed by Scattered Lapsus$ Hunters, a group linked to previous attacks in the UK and the US, including on Marks & Spencer, the Co-op, and Las Vegas casinos. The hackers posted alleged screenshots from JLR’s internal systems on Telegram last week.

Cybersecurity experts say the group’s claim that ransomware was deployed raises questions, as it appears to have severed ties with Russian ransomware gangs. Analysts suggest the hackers may have only stolen data or are building their own ransomware infrastructure.

Cybersecurity protections for US companies at risk as key law nears expiration

As cyber threats grow, a vital legal safeguard encouraging US companies to share threat intelligence is on the verge of expiring.

The US Cybersecurity Information Sharing Act of 2015 (CISA 2015), which grants liability protection to firms that voluntarily share cyber threat data with peers and the federal government, is set to lapse at the end of the month unless Congress acts swiftly.

The potential loss of this law could leave companies, especially small and mid-sized organisations, isolated in defending against cyberattacks, including those powered by emerging technologies like agentic AI. Without liability protection, companies may revert to lengthy legal reviews or avoid information sharing altogether.

On 3 September 2025, the House Homeland Security Committee unanimously approved a bill to extend these protections, but it still needs full congressional approval and the president’s signature.

According to Bloomberg, the Cybersecurity and Infrastructure Security Agency (CISA) has suffered budget cuts and workforce reductions under the Trump administration. Despite the administration’s criticism of the agency, its nominee to lead CISA, Sean Plankey, has publicly supported extending CISA 2015.

Industry leaders warn that losing these protections could slow down vital threat coordination. ‘This is the last line of defence,’ said Carole House, a former White House cybersecurity advisor.

With the potential expiration of CISA 2015, industry-focused Information Sharing and Analysis Centres (ISACs), now numbering at least 28 in the USA, may serve as a fallback for cybersecurity collaboration.

While some ISACs already offer legal protections like NDAs and anonymous sharing, experts warn that companies may hesitate to participate without federal liability protections.

Complex legal agreements could become necessary, potentially limiting engagement. ‘You run the risk of some companies deciding it’s too risky,’ said Scott Algeier, executive director of the IT-ISAC, though he voiced hope that collaboration would continue.

Ransomware 3.0 raises alarm over AI-generated cyber threats

Researchers at NYU’s Tandon School of Engineering have demonstrated how large language models can be used to execute ransomware campaigns autonomously. Their prototype, dubbed Ransomware 3.0, simulated every stage of an attack, from intrusion to the generation of a ransom note.

The system briefly raised an alarm after cybersecurity firm ESET discovered its files on VirusTotal, mistakenly identifying them as live malware. The proof-of-concept was designed only for controlled laboratory use and posed no risk outside testing environments.

Instead of pre-written code, the prototype embedded text instructions that triggered AI models to generate tailored attack scripts. Each execution created unique code, evading traditional detection methods and running across Windows, Linux, and Raspberry Pi systems.

The researchers found that the system identified up to 96% of sensitive files and could generate personalised extortion notes, raising psychological pressure on victims. With costs as low as $0.70 per attack using commercial AI services, such methods could lower barriers for criminals.

The team stressed that the work was conducted ethically and aims to help defenders prepare countermeasures. They recommend monitoring file access patterns, limiting outbound AI connections, and developing defences against AI-generated attack behaviours.

Senate Democrats propose framework for crypto market rules

A group of 12 Democratic US senators unveiled a crypto regulation plan, highlighting the need for bipartisan oversight. The proposal comes in response to Republicans’ plan to advance a market structure bill this month.

The Democrats’ framework outlines seven key pillars, including protections against illicit finance and measures to close gaps in the spot market for digital assets not classified as securities. It also calls for fair and effective regulation, highlighting concerns over the SEC, CFTC, and Treasury Department leadership.

The framework criticised Trump for removing Democratic commissioners and noted his family’s financial ties to crypto projects. Senators urged limits on elected officials and family members profiting from digital assets and reinforced disclosure requirements.

With the House passing the CLARITY Act and the GENIUS Act regulating stablecoins, the Senate is expected to prioritise crypto market structure legislation. However, Democrats remain uncertain whether Republicans will adopt their recommendations, with a final bill unlikely before 2026.

International search widens for ransomware fugitive on EU Most Wanted

A Ukrainian cybercrime suspect has been added to the EU’s Most Wanted list for his role in the 2019 LockerGoga ransomware attack against a major Norwegian aluminium company and other global incidents.

The fugitive is considered a high-value target and is wanted by multiple countries. The US Department of Justice has offered up to USD 10 million for information leading to the arrest.

Europol stated that the identification of the suspect followed a lengthy, multinational investigation supported by Eurojust, with damages from the network estimated to be in the billions. Several members of the group have already been detained in Ukraine.

Investigators have mapped the network’s operations, tracing its hierarchy from malware developers and intrusion experts to money launderers who processed illicit proceeds. The wanted man is accused of directly deploying LockerGoga ransomware.

Europol has urged the public to visit the EU Most Wanted website and share information that could assist in locating the fugitive. The suspect’s profile is now live on the platform.
