Tech
Companies House restarts online services following cyber breach | Computer Weekly
Companies House, the UK’s business registrar, has successfully rebooted its online WebFiling service after it emerged that a previously-unknown cyber security issue exposed various data on companies and people associated with them to other logged-in users.
The flaw – which appears to have arisen during a WebFiling update last year – was never accessible to the general public and only logged-in users in possession of an authorised code could have exploited it, Companies House pulled WebFiling offline at lunchtime on Friday 13 March in order to investigate and remediate.
Companies House found the data exposed included dates of birth, residential addresses and company addresses. It also discovered that it may have been possible for people to make unauthorised actions – such as changing directors or even filing accounts.
It stressed that no credentials or data used for identity verification such as passport information, and neither could any existing filed documents have been altered.
Companies House chief executive Andy King said: “We are asking all companies to check their registered details and filing history to make sure everything appears correct. If a company has a concern, please raise a complaint and include evidence to describe the concern.
“I recognise that this incident will have caused concern and inconvenience to many of the companies and individuals who rely on our services. I am sorry for that.
“Companies House takes its responsibility to protect the data entrusted to us extremely seriously. We have taken swift action to secure and restore our service, and are committed to doing everything in our power to support those affected and to making sure that our services continue to merit the trust placed in them,” said King.
The incident has been reported to both the Information Commissioner’s Office (ICO) and the National Cyber Security Centre (NCSC). King said that the registrar was still actively analysing its data to try to identify any anomalies. He added: “If we find evidence that anyone has used this issue to access or change another company’s details without authorisation, we will take firm action.”
Simple vulnerability
The issue was first reported to Companies House by Dan Neidle, of non-profit thinktank Tax Policy Associates, on behalf of John Hewitt, operations director at Ghost Mail, a provider of mailing address services.
Writing online Neidle said the vulnerability was “incredibly simple” to exploit. All a logged-in user needed to do was click through the ‘file for another company’ option – which would usually prompt for an authentication code to stop unauthorised access. However, if the logged-in user hit their backspace key a few times they would be sent back not to their own dashboard, but to the ‘target’ company’s.
Neidle said that the two men were able to use the vulnerability to view the private dashboard of another individual – with permission from them – and to successfully modify his own registered address at Companies House. “I was incredulous at what John showed me,” he said.
Was the bug exploited?
It is unclear if the bug was ever exploited, but in Companies House’s view it was also highly unlikely that any systematic access to company records or large-scale data exfiltration took place because any access that did occur would have been limited to individual company records, viewed one at a time, by a registered user.
Neidle noted that the flaw had been live and exploitable since October 2025, which meant there is a distinct policy that it was discovered by a threat actor. He said that if this had been the case, it was likely used “carefully, selectively and for profit” because broad exploitation would have been swiftly discovered.
William Wright, CEO of Closed Door Security, said the ability to access and edit company details presented a huge amount of leeway for both explicit and subtle fraud, and had caused serious uncertainty around a system used by the vast majority of UK companies.
“Company directors and C-suite are already lucrative targets for phishing and fraudsters: these individuals typically have privileged access in company systems and are privy to sensitive and valuable information,” said Wright.
“Being able to acquire details like home addresses, etc. makes targeted attacks like spear phishing against these individuals far more viable and increases the potential for many other kinds of fraud and targeted harassment. This is to mention nothing of the GDPR implications were information to be exposed.”
He continued: “That companies’ registration details could also be modified presents obvious problems. Companies can be penalised in various ways for providing inaccurate information when filing, and this can lead in some instances to serious accusations of fraud. The fact details could be modified by anyone without authorisation could raise serious problems for future investigations, especially if there’s any suspicion of tampering.”
Wright added that the length of time for which the flaw went undetected also raises more serious questions for Companies House as it suggests the body tasked with providing the public with an single, transparent source of accurate information on British businesses, lacked appropriate auditing, logging or testing procedures that might have spotted it sooner, and without outside help.
“If the government and Companies House’s current security testing processes were fit for purpose, flaws like this should not have occurred,” said Wright. “Given that many companies are required by law to use these services, basic testing and data protection are absolutely critical, especially if the government wants to retain its credibility with the business community.”
Tech
Everpure’s Evergreen One for AI brings Exa flash and GPU-based service-level agreements | Computer Weekly
Everpure has announced Evergreen One for AI, a performance-backed consumption model for artificial intelligence (AI) that extends to use of its FlashBlade//Exa high-performance storage. Meanwhile, the company – known as Pure Storage until recently – has announced the beta release of its Datastream automated AI pipeline appliance.
Evergreen One for AI differs from existing flexible capacity offers in the Everpure range by providing use of FlashBlade//Exa and service-level agreements (SLA) based on graphics processing unit (GPU) count. The aim here is to ensure that the storage environment provides the throughput to keep GPU resources fully utilised.
FlashBlade//Exa, Everpure’s highest-performance platform, was previously excluded from the Evergreen One consumption model.
Exa aims at AI and high-performance computing (HPC) workloads that demand extremely high throughput, likely in customers between large enterprise users of AI and the hyperscalers.
At its launch, FlashBlade//Exa introduced an architecture to the Pure product line in which metadata and bulk storage are disaggregated with different hardware and protocols in use.
Kaycee Lai, vice-president for AI with Everpure, said Evergreen One for AI shifted the financial and operational risk away from the customer. “Specifically, we have an offering which we call Evergreen One for AI,” he said. “The big difference for AI is that we set the performance level of the offering based on the number of GPUs that you have … it is an SLA-backed performance guarantee.”
Evergreen One and Flex are Pure Storage’s pay-as-you-go procurement models, while Forever involves upfront purchase with built-in upgrades.
Automating the RAG pipeline
Everpure also announced the beta availability of Datastream. First previewed in late 2024, Datastream is a “single SKU” appliance that integrates Nvidia GPUs with Everpure storage. It is designed to tackle the “data readiness” challenge, said Lai. This refers to the oft-cited statistic that data teams spend 80% of their time preparing unstructured data for use.
The appliance automates the retrieval-augmented generation (RAG) pipeline, which includes ingest, curation and vectorisation of data. By providing an integrated hardware and software stack, Everpure aims to provide an “easy button” for enterprises building chatbots or autonomous agents, he said.
The software capability behind Datastream was built in-house, though it can connect to third-party data sources including Dell, HP and NetApp environments, as well as cloud-resident data. This flexibility allows the appliance to act as a central hub for AI readiness regardless of where the data lives.
“Today, people run RAG pipelines … they do the chunking, the embedding, the indexing to make sure that the data is going to be accurate and relevant so that chatbot agents can consume them in a specific format,” said Lai. “That takes up about 80% of most data teams’ time because there’s no standard tool.”
Underpinning performance
To support these launches, Everpure revealed new benchmarks intended to validate its hardware under AI stress. In MLPerf 2.0 testing, the company claimed the top spot for checkpointing – a critical function for saving the state of a model during long training runs – reporting results up to two times better than competitors such as Huawei and Vast.
The company also cited Spec Storage AI image benchmarks, where it outperformed NetApp’s AFX platform by approximately 20%, he said.
Early in the Covid-19 pandemic, the governor of New Jersey made an unusual admission: He’d run out of COBOL developers. The state’s unemployment insurance systems were written in the 60-year-old programming language and needed to be updated to handle the hundreds of thousands of claims. Trouble was, few of the state’s employees knew how to do that. And the crisis went beyond New Jersey, just one of many states that depended on these unwieldy systems. By one rough calculation, COBOL’s inefficiencies cost the US GDP $105 billion in 2020.
You might think New Jersey would have replaced its system after this—and that Covid was COBOL’s last gasp. Not quite. The state’s new unemployment system came with a number of quality-of-life improvements, but on the backend, it was still made possible by a mainframe running the ancient language.
COBOL, short for Common Business-Oriented Language, is the most widely adopted computer language in history. Of the 300 billion lines of code that had been written by the year 2000, 80 percent of them were in COBOL. It’s still in widespread use and supports a large number of government systems, such as motor vehicle records and unemployment insurance; on any given day, it can handle something on the order of 3 trillion dollars’ worth of financial transactions. I think of COBOL as a kind of digital asbestos, almost ubiquitous once upon a time and now incredibly, dangerously difficult to remove.
COBOL was first proposed in 1959 by a committee comprising most of the US computer industry (including Grace Hopper). It called for “specifications for a common business language for automatic digital computers” to solve a growing problem: the expense of programming. Programs were custom-written for specific machines, and if you wanted to run them on something else, that meant a near-total rewrite. The committee approached the Department of Defense, which happily embraced the project.
COBOL’s design set it apart from other languages both then and now. It was meant to be written in plain English so that anybody, even nonprogrammers, would be able to use it; symbolic mathematical notation was added only after considerable debate. Most versions of COBOL allow for the use of hundreds of words (Java permits just 68), including “is, “then,” and “to,” to make it easier to write in. Some have even said COBOL was intended to replace computer programmers, who in the 1960s occupied a rarified place at many companies. They were masters of a technology that most people could barely comprehend. COBOL’s designers also hoped that it would generate its own documentation, saving developers time and making it easy to maintain in the long run.
But what did it even mean to be readable? Programs aren’t books or articles; they’re conditional sets of instructions. While COBOL could distill the complexity of a single line of code into something anybody could understand, that distinction fell apart in programs that ran to thousands of lines. (It’s like an Ikea assembly manual: Any given step is easy, but somehow the thing still doesn’t come together.) Moreover, COBOL was implemented with a piece of logic that grew to be despised: the GO TO statement, an unconditional branching mechanism that sent you rocketing from one section of a program to another. The result was “spaghetti code,” as developers like to say, that made self-documenting beside the point.
Plenty of computer scientists had issues with COBOL from the outset. Edsger Dijkstra famously loathed it, saying, “The use of COBOL cripples the mind; its teaching should, therefore, be regarded as a criminal offense.” Dijkstra likewise hated the GO TO statement, arguing that it made programs nearly impossible to understand. There was a degree of real snobbishness: COBOL was often looked down on as a purely utilitarian language that was intended to solve boring problems.
Jean Sammet, one of the original designers, saw it differently—the language simply had the complicated task of representing complicated things, like social security. Or as another defender wrote, “Regrettably, there are too many such business application programs written by programmers that have never had the benefit of structured COBOL taught well.” Good COBOL was indeed self-documenting, but so much depended on the specific programmer. Fred Gruenberger, a mathematician with the Rand Corporation, put it this way: “COBOL, in the hands of a master, is a beautiful tool—a very powerful tool. COBOL, as it’s going to be handled by a low-grade clerk somewhere, will be a miserable mess.”
Market data from analyst IDC has shown that SuperMicro has leapfrogged established server makers Lenovo and HPE as the second-largest PC server maker behind Dell.
SuperMicro experienced growth of almost 134% for the fourth quarter of 2025 with revenue of $11.7bn, which means it accounts for over 9% of the global server market. Dell was ahead with 10% market share and revenue of $12.6bn, while Chinese manufacturer IEIT Systems took the third spot, with revenue of $5.2bn and a 4% market share ahead of Lenovo, which posted revenue of $5.1bn, and HPE ($3.9bn).
“The race for AI [artificial intelligence] adoption is settling the market pace, and with companies starving for infrastructure looking not only at GPUs [graphics processing units], but also consuming more CPUs [central processing units] among other components in order to feed their needs, we are going to see more price pressures, and that may impact on market dynamics with less units but higher average selling prices going forward,” said Juan Seminara, research director of Worldwide Enterprise Infrastructure Trackers at IDC.
IDC noted that volatile increasing prices on certain components such as GPUs, dynamic random access memory (DRAM) and solid state drives (SSDs) has meant that some companies have been trying to secure prices ahead while the industry is accommodating to the new reality. It predicted that the impact of this price volatility could be hitting harder during 2026 as demand keeps outpacing service capacity in the near term.
Besides Dell, the established server makers seem to be losing ground in the server market. But they appear to be looking at a new market opportunity being pushed by chipmaker AMD, which is the deployment of on-premise PC servers optimised to run agentic AI.
In a bid to entice IT buyers away from cloud-based AI hardware, AMD has unveiled what it sees as a new category of PC called Agent Computers. In a post on the AMD website, the company described how to run OpenClaw, the open source AI agent, locally on AMD Ryzen AI Max+ processors and Radeon GPUs using a Windows 11 PC with the Windows Subsystem for Linux (WSL).
AMD said the PC system configured with 128GB unified memory is capable of running “cloud-quality AI agent workloads efficiently” using OpenClaw. According to its own benchmark data, with the Qwen 3.5 35B A3B model, the system delivers around 45 tokens per second and processes 10,000 input tokens in about 19.5 seconds. AMD said the configuration supports a maximum context window of 260,000 tokens, and can run up to six agents concurrently, which it said means it is able to deliver scalable local AI experimentation while maintaining strong responsiveness on consumer hardware.
AMD sees such a system running autonomously rather like the pre-cloud era branch office servers, handling tasks sent by users through a browser user interface on another Windows PC, or via Slack or WhatsApp.
PC makers that have “agent-ready” PCs include HP, Lenovo and Asus. The IDC figures show that revenue for servers with an embedded GPU in the fourth quarter of 2025 grew 59.1% year-over-year, representing more than half of the total server market revenue.
The AMD Ryzen AI Max+ has an integrated GPU, and is currently one of the processor options for PCs certified as Copilot+ devices. While these devices are either laptops or desktop PCs with monitors, AMD’s Agent Computer appears to be positioned as more of a traditional desktop Windows PC running as a server, without a screen or keyboard. The setup AMD provides is optimised to run LM Studio. This uses Ubuntu on the WSL to provide access to large language models, which then work with an OpenClaw server running locally on the same hardware.
Leny Yoro: Man United players wanted Casemiro to stay
Conan O’Brien hilariously reveals what saved marriage to Liza Powel
What is NIL in college sports? How do athlete deals work?
Stock market crash today (March 12, 2026): Nifty50 opens below 23,600; BSE Sensex down over 900 points on continuing US-Iran war – The Times of India
Intertextile Shanghai 2026: Fringe events spotlight market trends
Longtime Blackhawks great and broadcaster Troy Murray dies at 63, team says
-
Business5 days ago
Stock market crash today (March 12, 2026): Nifty50 opens below 23,600; BSE Sensex down over 900 points on continuing US-Iran war – The Times of India
-
Fashion7 days agoIntertextile Shanghai 2026: Fringe events spotlight market trends
-
Sports1 week agoLongtime Blackhawks great and broadcaster Troy Murray dies at 63, team says
-
Business1 week agoGold On Sale In Dubai? Here’s Why Prices Have Dropped By $30 Per Ounce
-
Sports1 week ago2026 NCAA Tournament Berth Tracker: Automatic Bids, Championship Game Times, and Defending Champs
-
Fashion1 week agoRemoving NTBs could boost trade with US: Bangladesh commerce minister
-
Sports1 week agoKyle Schwarber leads Team USA to 9-1 World Baseball Classic win over Britain
-
Entertainment6 days agoWhat time will NASA’s 600 kg satellite crash to Earth today— 14 years after launch?