Tech
Companies House restarts online services following cyber breach | Computer Weekly
Companies House, the UK’s business registrar, has successfully rebooted its online WebFiling service after it emerged that a previously-unknown cyber security issue exposed various data on companies and people associated with them to other logged-in users.
The flaw – which appears to have arisen during a WebFiling update last year – was never accessible to the general public and only logged-in users in possession of an authorised code could have exploited it, Companies House pulled WebFiling offline at lunchtime on Friday 13 March in order to investigate and remediate.
Companies House found the data exposed included dates of birth, residential addresses and company addresses. It also discovered that it may have been possible for people to make unauthorised actions – such as changing directors or even filing accounts.
It stressed that no credentials or data used for identity verification such as passport information, and neither could any existing filed documents have been altered.
Companies House chief executive Andy King said: “We are asking all companies to check their registered details and filing history to make sure everything appears correct. If a company has a concern, please raise a complaint and include evidence to describe the concern.
“I recognise that this incident will have caused concern and inconvenience to many of the companies and individuals who rely on our services. I am sorry for that.
“Companies House takes its responsibility to protect the data entrusted to us extremely seriously. We have taken swift action to secure and restore our service, and are committed to doing everything in our power to support those affected and to making sure that our services continue to merit the trust placed in them,” said King.
The incident has been reported to both the Information Commissioner’s Office (ICO) and the National Cyber Security Centre (NCSC). King said that the registrar was still actively analysing its data to try to identify any anomalies. He added: “If we find evidence that anyone has used this issue to access or change another company’s details without authorisation, we will take firm action.”
Simple vulnerability
The issue was first reported to Companies House by Dan Neidle, of non-profit thinktank Tax Policy Associates, on behalf of John Hewitt, operations director at Ghost Mail, a provider of mailing address services.
Writing online Neidle said the vulnerability was “incredibly simple” to exploit. All a logged-in user needed to do was click through the ‘file for another company’ option – which would usually prompt for an authentication code to stop unauthorised access. However, if the logged-in user hit their backspace key a few times they would be sent back not to their own dashboard, but to the ‘target’ company’s.
Neidle said that the two men were able to use the vulnerability to view the private dashboard of another individual – with permission from them – and to successfully modify his own registered address at Companies House. “I was incredulous at what John showed me,” he said.
Was the bug exploited?
It is unclear if the bug was ever exploited, but in Companies House’s view it was also highly unlikely that any systematic access to company records or large-scale data exfiltration took place because any access that did occur would have been limited to individual company records, viewed one at a time, by a registered user.
Neidle noted that the flaw had been live and exploitable since October 2025, which meant there is a distinct policy that it was discovered by a threat actor. He said that if this had been the case, it was likely used “carefully, selectively and for profit” because broad exploitation would have been swiftly discovered.
William Wright, CEO of Closed Door Security, said the ability to access and edit company details presented a huge amount of leeway for both explicit and subtle fraud, and had caused serious uncertainty around a system used by the vast majority of UK companies.
“Company directors and C-suite are already lucrative targets for phishing and fraudsters: these individuals typically have privileged access in company systems and are privy to sensitive and valuable information,” said Wright.
“Being able to acquire details like home addresses, etc. makes targeted attacks like spear phishing against these individuals far more viable and increases the potential for many other kinds of fraud and targeted harassment. This is to mention nothing of the GDPR implications were information to be exposed.”
He continued: “That companies’ registration details could also be modified presents obvious problems. Companies can be penalised in various ways for providing inaccurate information when filing, and this can lead in some instances to serious accusations of fraud. The fact details could be modified by anyone without authorisation could raise serious problems for future investigations, especially if there’s any suspicion of tampering.”
Wright added that the length of time for which the flaw went undetected also raises more serious questions for Companies House as it suggests the body tasked with providing the public with an single, transparent source of accurate information on British businesses, lacked appropriate auditing, logging or testing procedures that might have spotted it sooner, and without outside help.
“If the government and Companies House’s current security testing processes were fit for purpose, flaws like this should not have occurred,” said Wright. “Given that many companies are required by law to use these services, basic testing and data protection are absolutely critical, especially if the government wants to retain its credibility with the business community.”
Armed with some Python and a white-hot sense of injustice, one medical student spent six months trying to figure out whether an algorithm trashed his job application.
Source link
Upgrading your home office can feel like going down a rabbit hole. A simple search for a basic new desk can quickly turn into hours down the drain and endless tabs open on your computer, with every option starting to blur together. Uplift has a loyal following for its super customizable desks, smart (and creative—under-desk hammock, anyone?) accessories, and a solid build quality that makes long workdays more manageable.
We’ve explored the perks of a standing desk, and the takeaway is pretty clear: even if it won’t magically fix everything, the right standing desk setup can make all the difference in the way you work. If you’re ready to make the leap into the standing desk space, starting with an Uplift coupon code is a smart move.
Save up to $570 With This Uplift Desk Coupon Code
If you’ve been waiting for the right time to upgrade your workspace, this is your sign. Right now, you can save up to $570 on standing desks through a mix of tiered discounts and bundled accessories. With the Uplift promo code SPRING, you’ll get $100 off orders of $999 or more, $150 off $1,499, $200 on $1,999, and $300 on $2,999 or more.
Uplift also includes five free accessories (worth up to $270), which is where this deal really comes in clutch, especially if you’re building a full setup. Think practical upgrades like monitor arms to lift your screen to eye level, cable management kits to tame cords, or an anti-fatigue standing mat to make standing on your feet more comfortable. The right ergonomic add-ons can make a real difference in day-to-day comfort, and this Uplift desk promo code accessories offer helps you get there.
Get $20 Off When You Sign up for Uplift Emails
Like many other brands, Uplift rewards their loyal customers. When you sign up for Uplift emails, which include things like product drops and restock alerts, you can save $20 on your order over $199. Not only will you get exclusive discounts, you’ll get email-only deals, early sale access, and special promotions with this Uplift newsletter sign up. Plus, the $20 off your next purchase.
Score Free Shipping on all Orders This Month
Who can say no to free shipping, especially when it’s for a major furniture item like a standing desk? Right now, Uplift is offering free and fast shipping on all orders, no Uplift desk coupon code required. And timing can work in your favor: most orders placed before 3 pm CST ship the same business day, so you’re not stuck refreshing the tracking page for a week. Whether you’re in the middle of an office refresh (or just impatient when it comes to deliveries), this is a major perk.
Claim up to 5 Free Accessories With Your Standing Desk Purchase
A built-in bonus when you buy an Uplift standing desk is that you get up to five free accessories baked into the purchase. You can choose from a huge catalog of over 400 add-ons to go with the desk (honestly, I was overwhelmed at first). Options range from practical to fun, like cable management kits and desk organizer sets to a desk-mounted cup holder and an under-desk hammock. There are even some branded extras, like a stainless steel tumbler and a t-shirt, depending on your vibe.
Use Your FSA Dollars to Get the Most out of Your Desk
Uplift desks may be eligible for reimbursement through your HSA or FSA, which means you could effectively pay for part of your desk setup with pre-tax dollars. This can lead to major savings, especially when stacked with an Uplift promo code.
The process is pretty straightforward: Check out normally (no need to use your HSA/FSA card upfront), then complete a quick health survey through Uplift’s partner program, which will be on your confirmation screen or through your email receipt. If you qualify, a licensed provider will issue a Letter of Medical Necessity, which you can then submit for reimbursement. It’s a few extra steps, but the payoff is worth it, especially if you’ve been eyeing a bigger purchase.
Two days before the Musk v. Altman trial began, Elon Musk asked OpenAI cofounder and president Greg Brockman about reaching a settlement. When Brockman suggested both sides drop their claims, Musk responded, “By the end of this week, you and Sam [Altman] will be the most hated men in America. If you insist, so be it.”
The message—which OpenAI’s lawyers made public on Sunday, and which Judge Yvonne Gonzalez Rogers subsequently refused to let the jury hear about—underscores what may be Musk’s larger goal in this trial. He appears to be trying to not only win over the jurors to potentially remove Brockman and CEO Sam Altman from power, but also stir up dirt on the two men and damage OpenAI’s public image.
As Brockman took the stand on Monday, Musk’s attorney Steven Molo quickly started questioning him about his compensation at OpenAI. Brockman revealed that his equity stake at OpenAI is currently worth more than $20 billion, and perhaps up to $30 billion. While Brockman initially promised to donate $100,000 to OpenAI when it was being set up, he said he ultimately never followed through.
Brockman has held a number of instrumental roles at OpenAI since he cofounded the company in 2015. In the startup’s early days, it operated out of his apartment in the Mission District of San Francisco. Today, he’s deeply involved with refocusing OpenAI on a few key products, such as Codex. In the past year, Brockman has also given millions to super PACs promoting AI and President Trump, and has previously said this increased political spending is related to OpenAI’s founding mission to create artificial general intelligence that benefits all of humanity.
In court on Monday, Molo tried to make the case that Brockman and Altman had essentially looted OpenAI’s original nonprofit, which Musk funded and helped create.
In its early days, OpenAI told investors and employees that its nonprofit mission took precedence over generating profit. Brockman testified that his financial interests are still, to this day, second to OpenAI’s nonprofit mission.
When OpenAI created its for-profit arm in 2019, which received assets from the nonprofit, Brockman testified that he was given a significant stake in the new entity. Early in OpenAI’s history, Brockman had referenced wanting to be a billionaire, writing in his personal journal, “Financially what will take me to $1B?”
On Monday, Molo pressed Brockman for several minutes about the vast wealth he had accumulated beyond his initial goal.
“Why not donate that $29 billion to the OpenAI nonprofit? Why didn’t you do that?” Molo asked. Brockman responded that he and others had poured “blood, sweat, and tears” into building OpenAI in the years since Musk left the company.
OpenAI’s foundation holds a stake of over $150 billion in the company, making it one of the richest nonprofits in history, Brockman said. That’s roughly five times Brockman’s ownership interest. Altogether, OpenAI employees hold about 25 percent of shares. The foundation has 27 percent. Brockman testified that OpenAI’s nonprofit had received less than $150 million from donors, implying Musk had been incidental to the company’s success and that the real drivers were those who stuck around to build out OpenAI.
Of course, Brockman’s stake in OpenAI could be worth much more than $30 billion if the company successfully goes public in the next two years. When asked whether OpenAI was exploring a potential IPO, Brockman said he believes so.
He Couldn’t Land a Job Interview. Was AI to Blame?
North India cotton yarn prices rise despite weak domestic demand
India among most resilient large EMs, better placed for future global shocks; policy reforms & strong buffers help: Moody’s – The Times of India
-
Tech1 week agoA Brain Implant for Depression Is About to Be Tested in Humans
-
Business1 week ago‘I had £20,000 stolen and had to fight a 13-month fraud reporting rule to get it back’
-
Tech1 week agoAlmost 90% of women leave tech industry within 10 years | Computer Weekly
-
Sports7 days agoPro wrestling star Steph De Lander reveals how colleague’s advice helped lead her to title triumph at ACW
-
Business1 week agoPakistan’s oil market is fuelling the crisis | The Express Tribune
-
Entertainment1 week agoNorway joins Type 26 Frigate Programme to boost NATO naval power
-
Entertainment1 week agoMelania Trump says ABC should ‘take a stand’ on late-night host Kimmel
-
Tech1 week agoThis Ambitious Laptop Doesn’t Leave Much Room for Your Hands