NHS is investigating allegations that a software flaw at private medical services company Medefer left patient data vulnerable to hacking.
The flaw, discovered in November, affected Medefer’s internal patient record system in the UK, which handles 1,500 NHS referrals monthly.
A software engineer who found the issue believes the vulnerability may have existed for six years, but Medefer denies this claim, stating no data has been compromised.
The engineer discovered that unprotected application programming interfaces (APIs) could have allowed outsiders to access sensitive patient information.
While Medefer has insisted that there is no evidence of any breach, they have commissioned an external security agency to review their systems. The agency confirmed that no breach was found, and the company asserts that the flaw was fixed within 48 hours of being discovered.
Cybersecurity experts have raised concerns about the potential risks posed by the flaw, emphasising that a proper investigation should have been conducted immediately.
Medefer reported the issue to the Information Commissioner’s Office (ICO) and the Care Quality Commission (CQC), both of which found no further action necessary. However, experts suggest that a more thorough response could have been beneficial given the sensitive nature of the data involved.
For more information on these topics, visit diplomacy.edu.
Social media platform X is experiencing widespread outages in the US and the UK, with thousands of users reporting issues, according to outage tracking website Downdetector.
Reports indicate over 21,000 incidents in the US and more than 10,800 in the UK, suggesting significant disruptions.
Downdetector, which gathers status reports from various sources, noted that the actual number of affected users may be higher.
Many have turned to other platforms to discuss the outage, but X has not yet responded to requests for comment.
The cause of the disruption remains unclear, and there is no official timeline for when full service will be restored. Users continue to face difficulties accessing the platform, impacting communication and social media activity globally.
For more information on these topics, visit diplomacy.edu.
The UK government has removed encryption advice from its official web pages, shortly after requesting backdoor access to encrypted data stored on Apple’s iCloud service.
The change was noticed by security expert Alec Muffett, who highlighted in a blog post that the National Cyber Security Centre (NCSC) no longer recommends encryption for high-risk individuals.
Previously, the NCSC had advised the use of encryption tools such as Apple’s Advanced Data Protection (ADP) for secure iCloud backups, which provide end-to-end encryption to ensure only the user has access to their data.
However, the webpage now redirects to a different page with no mention of encryption, instead recommending Apple’s Lockdown Mode—a security feature designed to limit access to certain phone functions.
Muffett pointed out that the original advice is no longer available on government sites, though it can still be accessed via the Wayback Machine.
This development follows reports that the UK government requested Apple to build a backdoor to access encrypted iCloud data.
In response, Apple removed the ADP feature for new users in the UK and stated that existing users would eventually need to disable it. Apple is reportedly challenging the UK’s data access order in the Investigatory Powers Tribunal (IPT).
For more information on these topics, visit diplomacy.edu.
The UK Competition and Markets Authority (CMA) has concluded its investigation into Microsoft’s partnership with OpenAI, deciding not to move forward with a merger probe.
The decision comes after the CMA found that Microsoft does not hold enough control over OpenAI, a key factor in triggering a merger review. The companies’ collaboration began in 2019, when Microsoft invested $1 billion in the AI startup.
Despite this, the CMA stated that Microsoft’s influence had not evolved to the level of de facto control required for further scrutiny.
This marks the end of the UK’s formal investigation into the deal, although the CMA clarified that its decision should not be interpreted as a dismissal of potential competition concerns related to the partnership.
While the investigation is closed, the CMA has been increasingly active in examining major tech company acquisitions, particularly those involving AI startups.
Microsoft welcomed the CMA’s decision, asserting that their ongoing partnership with OpenAI fosters innovation and competition in AI development.
Meanwhile, the CMA continues to monitor the tech sector, with broader powers to investigate companies deemed to hold ‘strategic market status’.
For more information on these topics, visit diplomacy.edu.
Blackstone’s ambitious $13 billion ‘hyperscale’ data centre project in North East England has been given the green light by Northumberland County Council. The plan, which spans 540,000 square metres, was approved after a unanimous vote and is expected to represent an investment of up to £10 billion. The data centre will provide essential data storage and cloud computing services to businesses, addressing the rising demand in sectors such as AI.
The development is expected to generate substantial economic benefits, including up to 1,200 long-term construction jobs and hundreds of operational roles once the centre is running. Additionally, it could support up to 2,700 indirect jobs. As part of the agreement, Blackstone will contribute to a £110 million fund that will help drive growth along the Northumberland Line, a new railway route opened in December 2024.
This development follows the collapse of a previous plan to use the site for a Britishvolt facility, after the UK startup’s failure last year. With demand for data centres escalating, particularly due to AI advancements, this project is poised to play a crucial role in meeting growing technological needs across Europe.
For more information on these topics, visit diplomacy.edu.
A new proposal by the UK government to alter copyright laws has sparked significant concern among artists, particularly in Devon. The changes would allow AI companies to use the content found on the internet, including artwork, to help train their models unless the creators opt-out. Artists like Sarah McIntyre, an illustrator from Bovey Tracey, argue that such a shift could undermine their rights, making it harder for them to control the use of their work and potentially depriving them of income.
The Devon Artist Network has expressed strong opposition to these plans, warning that they could have a devastating impact on creative industries. They believe that creators should retain control over their work, without needing to actively opt out of its use by AI. While some, like Mike Phillips from the University of Plymouth in the UK, suggest that AI could help artists track copyright violations, the majority of artists remain wary of the proposed changes.
The Department for Science, Innovation and Technology has acknowledged the concerns and confirmed that no decisions have yet been made. However, it has stated that the current copyright framework is limiting the potential of both the creative and AI sectors. As consultations close, the future of the proposal remains uncertain.
For more information on these topics, visit diplomacy.edu.
Microsoft’s UK boss has warned that many companies are ‘stuck in neutral’ when it comes to AI, with a significant number of private and public sector organisations lacking any formal AI strategy. According to a Microsoft survey of nearly 1,500 senior leaders and 1,440 employees in the UK, more than half of executives report that their organisations have no official AI plan. Additionally, many recognise a growing productivity gap between employees using AI and those who are not.
Darren Hardman, Microsoft’s UK chief executive, stated that some companies are caught in the experimentation phase rather than fully deploying AI. Microsoft, a major backer of OpenAI, has been promoting AI deployment in workplaces through autonomous AI agents designed to perform tasks without human intervention. Early adopters, like consulting giant McKinsey, are already using AI agents for tasks such as scheduling meetings.
Hardman also discussed AI’s potential impact on jobs, with the Tony Blair Institute estimating that AI could displace up to 3 million UK jobs, though the net job loss will likely be much lower as new roles are created. He compared AI’s transformative impact on the workplace to how the internet revolutionised retail, creating roles like data analysts and social media managers. Hardman also backed proposed UK copyright law reforms, which would allow tech companies to use copyright-protected work for training AI models, arguing that the changes could drive economic growth and support AI development.
For more information on these topics, visit diplomacy.edu.
Britain’s competition regulator has approved Synopsys’ $35 billion acquisition of Ansys after the companies addressed concerns about the potential negative impact on innovation and pricing.
In December, the regulator raised alarms that the deal could reduce competition in the chip design software market, possibly leading to higher prices and less innovation.
However, following negotiations and the companies’ offer of remedies to mitigate these concerns, the regulator decided not to refer the deal for an in-depth phase-2 investigation.
Synopsys, a major player in the chip design software industry, announced the acquisition in January. The deal, which will be a mix of cash and stock, aims to strengthen Synopsys’ portfolio and expand its offerings in the design and development of complex products.
Ansys, a well-established provider of simulation software, is used by a range of industries, from aerospace to sports equipment, to design and optimise products like aeroplanes and tennis rackets.
The acquisition marks a significant move for Synopsys, enhancing its capabilities in the design and development of advanced technology.
The deal is expected to bring together the strengths of both companies, allowing them to offer a broader set of solutions to customers in various sectors, from semiconductor manufacturing to engineering and consumer goods.
For more information on these topics, visit diplomacy.edu.
Britain’s media regulator, Ofcom, has set a 31 March deadline for social media and online platforms to submit a risk assessment on the likelihood of users encountering illegal content. This move follows new laws passed last year requiring companies such as Meta’s Facebook and Instagram, as well as ByteDance’s TikTok, to take action against criminal activities on their platforms. Under the Online Safety Act, these firms must assess and address the risks of offences like terrorism, hate crimes, child sexual exploitation, and financial fraud.
The risk assessment must evaluate how likely it is for users to come across illegal content, or how user-to-user services could facilitate criminal activities. Ofcom has warned that failure to meet the deadline could result in enforcement actions against the companies. The new regulations aim to make online platforms safer and hold them accountable for the content shared on their sites.
The deadline is part of the UK‘s broader push to regulate online content and enhance user safety. Social media giants are now facing stricter scrutiny to ensure they are addressing potential risks associated with their platforms and protecting users from harmful content.
For more information on these topics, visit diplomacy.edu.
United States officials are reviewing whether the UK breached a bilateral agreement by reportedly pressuring Apple to create a ‘backdoor’ for government access to encrypted iCloud backups.
Apple recently withdrew an encrypted storage feature for UK users following reports that it had refused to comply with such demands, which could have affected users worldwide. The Washington Post reported that Apple rejected the UK government’s request.
The US director of national intelligence, Tulsi Gabbard, confirmed in a letter to lawmakers that a legal review is underway to determine if the UK violated the CLOUD Act.
Under the agreement, neither the US nor the United Kingdom can demand data access for citizens or residents of the other country. Initial legal assessments suggest the UK’s reported demands may have overstepped its authority under the agreement.
Apple has long defended its encryption policies, arguing that creating a backdoor for government access would weaken security and leave user data vulnerable to hackers. Cybersecurity experts warn that any such backdoor, once created, would inevitably be exploited.
The tech giant has clashed with regulators over encryption before, notably in 2016 when it resisted US government efforts to unlock a terrorism suspect’s iPhone.
For more information on these topics, visit diplomacy.edu.
