Tech
Government faces questions about why US AWS outage disrupted UK tax office and banking firms | Computer Weekly
The UK government is being pressed for a response as to why a major, multi-hour Amazon Web Services (AWS) outage in the US disrupted UK-based organisations, including HM Revenue & Customs (HMRC) and Lloyds Banking Group.
The outage, which AWS confirmed started just before 8am UK time on 20 October, originated in AWS’s US-East-1 datacentre region in North Virginia, and caused large-scale disruption to a host of companies across the world, including in the UK.
The US-East-1 region is renowned for being Amazon’s first and flagship cloud region, as well as its largest, and is often the place where the public cloud giant rolls out new services to customers first.
For this reason, it is not unheard of for service issues with the US-East-1 region to blight overseas users of the firm’s cloud technologies.
But with concerns mounting in the UK (and other geographies) about the public and private sector’s over-reliance on US-based big tech platforms, the outage has led to renewed calls for greater transparency about the resiliency of the nation’s hosting arrangements.
“The narrative of bigger is better and biggest is best has been shown for the lie it always has been,” Owen Sayers, an independent security architect and data protection specialist with a long history of working in the public sector, told Computer Weekly. “The proponents of hyperscale cloud will always say they have the best engineers, the most staff and the greatest pool of resources, but bigger is not always better – and certainly not when countries rely on those commodity global services for their own national security, safety and operations.
“Nationally important services must be recognised as best delivered under national control, and as a minimum, the government should be knocking on AWS’s door today and asking if they can in fact deliver a service that guarantees UK uptime,” he said. “Because the evidence from this week’s outage suggests that they cannot.”
Government use of cloud under scrutiny
AWS has vowed to publish a detailed “post-event summary” detailing the causes of the outage and the steps it had to take to bring services back online.
In the meantime, and in line with Sayers’ recommendations, HM Treasury is already being asked to account for why it has not used powers conferred on it earlier this year to ensure suppliers like AWS are up to the job of delivering resilient cloud services to organisations in the financial services sector.
The chair of the Treasury Select Committee, Meg Hillier, published a letter she has written to the economic secretary, Lucy Rigby, that appears to have been penned during the AWS outage.
The letter calls on Rigby for clarification about why, despite having the power to do so since January 2025, the Treasury has apparently so far neglected to add AWS to its Critical Third Parties (CTP) list of suppliers.
This designation, which was introduced through changes made to the Financial Services and Markets Act 2020 in November 2024, is intended to provide the UK’s financial regulators with the means to include third-party suppliers to the sector within their supervisory scope – the idea being that doing so might help better manage any potential risks to the stability and resilience of the UK financial system that might arise as a result of a third-party supplier suffering from service disruption, as happened on 20 October with AWS.
As stated in Hillier’s letter, it appears the Treasury is yet to call any suppliers into the scope of the CTP regime, including AWS, which is known to be a supplier to a large number of UK financial services institutions.
“In light of today’s major outage at Amazon Web Services … why has HM Treasury not designated Amazon Web Services or any other major technology firm as a CTP for the purposes of the Critical Third Parties Regime,” asked Hillier, in the letter. “[And] how soon can we expect firms to be brought into this regime?”
Hillier also asked HM Treasury for clarification about whether or not it is concerned about the fact that “seemingly key parts of our IT infrastructure are hosted abroad” given the outage originated from a US-based AWS datacentre region but impacted the activities of Lloyds Bank and also HMRC.
On the latter point, Hiller asked: “What work is HM Treasury doing with HMRC to look at what went wrong, and how this may be prevented in future?”
Computer Weekly contacted HM Treasury for details of its response to Hillier’s letter, and to seek clarification on whether it has plans to imminently add AWS to the CTP list. It also asked if the Treasury has concerns about parts of the UK’s banking infrastructure being hosted overseas, in the wake of the outage.
A spokesperson for the government department did not directly answer the questions posed by Computer Weekly, but did provide the following statement in response:
“We know the threat cyber attackers present, which is why we are working with regulators to establish a Critical Third-Party regime, so we can hold firms providing these services to the same high standards as other financial services institutions,” the Treasury statement read.
UK reliance on overseas clouds
Hillier’s question to the Treasury about whether it has any concerns about key parts of the UK’s IT infrastructure being hosted overseas is being echoed by other UK cloud market watchers and stakeholders in the wake of the outage.
“We should be asking the obvious question: why are so many critical UK institutions, from HMRC to major banks, dependent on a datacentre on the east coast of the US?” said Mark Boost, CEO of London-based cloud services provider Civo.
“Sovereignty means having control when incidents like this happen – but too much of ours is currently outsourced to foreign cloud providers. The AWS outage is yet another reminder that when you put all your eggs in one basket, you’re gambling with critical infrastructure.
“When a single point of failure can take down HMRC, it becomes clear that our reliance on a handful of US tech giants has left core public services dangerously exposed,” he said.
AWS has operated a UK datacentre region since 2016, with a key selling point of these facilities being that it would allow UK-based organisations to access locally hosted versions of its public cloud services.
This adds further weight to Boost and Hillier’s line of questioning about why a US outage impacted UK-based organisations when, presumably, these organisations should be relying on the UK region to access AWS services.
When Computer Weekly put this question to AWS, citing the disruption caused to HMRC during the outage as an example, a company spokesperson advised the publication to direct that comment directly to the government tax agency.
Shared responsibility model
That response (or lack thereof) potentially speaks to the notion of the “shared responsibility model” that AWS subscribes to, whereby the organisation considers security, compliance and the resilience of its customers’ cloud environments to be something of a shared burden.
As detailed on the company’s Shared Responsibility Model reference web page, this setup is designed to “relieve” AWS customers of the operational burden of running their own cloud infrastructure, but they remain responsible for whatever data they choose to host in it.
“Customers should carefully consider the services they choose [to host in AWS] as their responsibilities vary depending on the services used, the integration of those services into their IT environment, and applicable laws and regulations,” said AWS.
“The nature of this shared responsibility also provides the flexibility and customer control that permits the deployment.”
Speaking to Computer Weekly, Brent Ellis, principal analyst at IT market watcher Forrester, said the fact the outage originated in the AWS US-East-1 region and impacted UK organisations suggests “at least some part” of the HMRC and Lloyds setups had a dependency on that region.
“That would have been an architecture choice by those companies, but not necessarily a fault of AWS,” said Ellis. “That dependency could also have been introduced by a nested SaaS [software as a service] component for the organisations involved.
“Generally, I think this shows how complex and interconnected modern cloud-based infrastructure is, and that is a problem from a resilience perspective, especially if you do not have visibility into the nested dependencies that underlie your business technology stack.”
Regulatory intervention
Because of the impact such dependencies can have, Ellis is of the view that the AWS outage may prompt calls for regulatory intervention to prevent a repeat of it, in a similar vein to what Hiller and her colleagues on the Treasury Select Committee are calling for. “I do think it gives fodder to the greater push for sovereign cloud,” he said. “It also will probably spur regulation to increase visibility into dependencies and fault domains for critical sectors like finance.”
What users of hyperscale cloud services, such as AWS, need to know is what services and capabilities within their chosen suppliers’ extended portfolios are hosted in the UK, and how resilient they are, added Sayers.
To highlight why this is important, he cited the findings of a series of investigations into Microsoft’s cloud hosting arrangements in the Scottish policing sector that he worked with Computer Weekly to make public.
That work resulted in an initial disclosure from Microsoft that it could not guarantee the sovereignty of UK policing data stored and processed in its M365 platform.
This was later followed up with further revelations that policing data hosted in the Microsoft cloud could be processed in more than 100 countries, without users explicitly knowing about it.
“We already know Microsoft do not have a UK-based capability for all their services, but we need to know exactly what the [overseas hyperscalers] can deliver in the country and how resilient that actually is,” said Sayers. “We need to properly understand their points of failure and how they can be engineered around.”
Some of the hyperscalers have sought to evade answering questions on this point, claiming the information is commercially sensitive, he continued. “That’s not a defence we can tolerate anymore,” said Sayers. “These services are increasingly friable, increasingly complex and increasingly hidden from our view. If we are to rely on them, we need to know they are reliable, and if they aren’t then we need to pivot – at least for critical services.”
Customer-created issues
Ellis’s colleague, Dario Maisto, is a senior analyst at Forrester, who told Computer Weekly that AWS is aware that customer-created, cross-region architectural dependencies are part of a “bigger sovereignty problem” facing its European customer base.
“[AWS] is about to launch a perfect replica of its services [in Europe] under the AWS EU [European Union] sovereign cloud offer, with the first isolated [sovereign] region in Germany,” he said.
“In fact, the only way a client can be sure that its data and workloads do not suffer from any dependency from infrastructure abroad is physical and logical isolation of the cloud regions the client uses [so that it] must not be possible at all that the client is able to make any choice that creates a dependency on foreign infrastructure.”
Achieving this outcome, continued Maisto, means all of the services the customer needs must be hosted within the isolated region as the only ones the client can access. “A data boundary or a commitment to the market cannot guarantee what only a precise architectural construct of the client’s cloud environment can grant,” he added.
AWS is far from the only cloud provider to suffer an outage, and any cloud company an enterprise entrusts their data to could suffer a similar fate at some point in their existence.
However, Civo’s Boost said the incident highlights why enterprises should be looking to diversify their pool of cloud providers, but also why governments and regulators need to be taking a closer look at how much of the world’s infrastructure runs on a relatively small number of hyperscale cloud platforms.
“The more concentrated our infrastructure becomes, the more fragile and externally governed it is,” he said. “If Europe is serious about digital sovereignty, it needs to accelerate its shift towards domestically governed and diversified infrastructure. Governments and regulators have a responsibility to create the conditions for real competition. That means rethinking procurement, funding sovereign alternatives and making resilience a baseline requirement.”
You don’t need a four-figure Swiss movement to know what time it is—or look good doing it. One of the most wonderful things about “budget” watches today (although it’s kinder, or more appropriate, to say “affordable”) is that brands have learned to take design cues from luxury timepieces while quietly getting very good at the fundamentals: reliable movements, thoughtful materials, and proportions that don’t scream “cheap.” Take a look at the Orient in WIRED’s selection below as a prime example.
It could easily be argued that we’re in a golden age of affordable horology (see our full guide here for definitive proof), where, if you choose wisely, $350 or less can buy everything from a desirable dress watch, or a high-end collaboration, and even a supremely capable and classically chic diver. Pieces that will see you right from sunken wreck to boardroom table. And let’s not forget the retro allure of digital watches right now, either, with the Shark Classic not only being one of our favorites here, but at $70, it’s also the most affordable.
Moreover, should you decide to bag more than a few (and who could blame you at these prices?), we’ve even got the perfect carry case picked out: Nanuk’s IP67 waterproof and dustproof NK-7 resin $175 910 Watch Case (pictured above) with patented PowerClaw latching system—ideal for securing any timepiece collection, be it bargain or big budget.
Be sure to check out our other wearable coverage, including the Best Budget Watches Under $1,000, Best Smartwatches, Best Fitness Trackers, and Best Smart Rings.
Same as the Five Senses deck above, this scratch-off card set happens in sequence, with optional “level up” cards to really push intimacy, and separate cards for each partner with secret directions. For this date, you’ll both bring a red item that you show at certain points to signify that you’re open to physical touch. Then you’ll go out to dinner and have intentional conversation, and every time a partner pulls out the red item, you’ll follow the prompts to initiate increasingly intimate physical acts, ranging from hand holding to neck kisses. So there we were, at Illegal Taqueria, edging each other over al pastor tacos (I kid).
Many of the cards urged a partner not to interrupt or solve problems, but ask questions and talk dirty. My date said, “I think this may be for couples who hate each other.” I had to agree. The second part of the date involved driving and stoplights, but since we were in Brooklyn, we walked down the trash-filled sidewalk and pretended to be a suburban couple on the fritz instead.
The rest of the date included buying things for sexy time, like whipped cream and blindfolds. I’m vegan and had no desire to lick cream from chest hair, so we came home, stripped, and did our best to keep our eyes closed (in lieu of a blindfold). It was overall a strange experience for us both, I think. If you and your partner need a lot of prompting to connect, compliment, and be physical, this set is for you.
Date: Greg, 10/10 (Note: I didn’t find this man on Hinge; I met him the old-fashioned way, in a bar at 2 am.)
Box: 6/10
Valentine’s Day is a sneaky one. It’s easy to let grabbing fun and unique Valentine’s Day gifts fall to the wayside while you recover from the Christmas holidays, but it’s not one to miss if you have a partner you want to shower with a little extra love.
If you’re feeling too wiped to shop, good news: I’ve got you covered. I’ve rounded up some of our favorite ideas for the year’s most romantic holiday, from Lego sets you can build as a date and date boxes filled with ideas to last you all year long to gorgeous flowers you can get delivered in a snap and cozy robes you’ll want to lounge in together. This guide all the Valentine’s Day gifts we’re excited to give this year.
Curious about what else we recommend? Don’t miss our Gifts for Lovers, Gifts for Moms, Gifts for Plant Lovers, Gifts for People Who Work from Home, and Best Blind Boxes for more gifts and shopping ideas.
Table of Contents
For a Gift That’s a Date
My husband and I are planning our fourth or fifth year of our favorite Valentine’s Day Date: building Lego sets together. We’ve done this for years, and then we get to enjoy the fruits (well, flowers) of our labor around the home forevermore. These sets serve as both the gift and the activity. Building the dried-flower centerpiece together was probably my all-time favorite, since you can each simultaneously work on one half and then click it together at the end, followed by each building a different-color bonsai tree.
For a Daytime Adventure
Retrospec
Weekender Crew Multi-Person Inflatable Paddle Board
Building on the idea of date activities that involve gifts, this multi-person paddleboard is a fun way to spend time outdoors while staying together the entire time. It’s massive, almost raftlike, so that it can support the weight of up to three adults, but once we got the hang of the size, it wasn’t hard to maneuver. Sometimes we’d both row together, sometimes I’d let my husband do all the work. It made for a lovely daytime adventure together, and I can’t wait for the next warm day for my husband and me to take this out on our local harbor again. It’s big enough that we could bring our son, though it’s much more peaceful as a date activity. It’s inflatable, and I’d recommend grabbing an electric filler since it takes a lot of manual pumping otherwise.
For Flowers on Demand
Photograph: Boutayna Chokrane
The classic go-to for Valentine’s Day is, of course, flowers. WIRED reviewer Boutayna Chokrane tested several flower delivery services to find the best one to get sent to your home, and her favorite is the Ode à la Rose, specifically the Edith arrangements. The business was created by two former French bankers, and the arrangements’ design choices feel distinctly chic in a way only French romance can. The Edith bouquet is entirely Columbus double tulips from Holland, and come hand-tied in a travel vase a fun pink box. The flowers ship nationwide, and there’s same-day shipping in New York, Chicago, Los Angeles, Austin, Miami, and Washington, DC.
For a Jewelry Upgrade
Maybe you’ve already exchanged rings, or maybe you’re looking for your first set without committing to I do. Either way, the most popular fitness tracker to get these days is a smart ring, and Oura is the ruler of the space. The latest model is the Ring 4, and it comes in both metallic and ceramic finishes. Many of my friends love theirs. I wish I had one, but they don’t make sense for my husband and me since we’re an aerialist and rock climber duo. Live my dreams for me and get this for your valentine (and yourself)!
For Your Fave Photographer
If your romantic partner loves to capture photos, a digital photo frame is the perfect gift (and you’ll benefit, too, as likely the number one fan of their photography!). I’m the photographer of our house, and our Aura frame is my husband’s favorite gadget because it showcases photos I’ve captured of our son and life together over the years. Our wedding photos can be found on there too, as well as the occasional good photo of me that he’s captured. It’s a monthly ritual for me to go through my camera roll and add my latest favorites. Aura’s my favorite because the range of frames is beautiful, and the storage is unlimited with no fees or subscriptions.
For the Cozy Couple
One of my favorite souvenirs I have around the house is a matching robe set that my husband and I bought on our honeymoon. Our all-cotton robes are from the Ten Thousand Waves Japanese spa in New Mexico (the final destination of a Southwestern US road trip) and are great for taking to the pool or using after a shower on a hot day. But I still love a good fluffy robe during the colder season, especially since it can double as a towel. Get your partner one of these cozy robes to give them something luxurious to use after their next everything shower or quick rinse-off. Cozy Earth’s robe is crazy-soft thanks to its blend of cotton and bamboo viscose, while this flannel robe from L.L.Bean is one of our favorites for anyone who works from home.
For Your Inner Theater Kids
If your partner loves to sing along to the Wicked soundtrack and is regularly suggesting karaoke as a group activity, then give them the gift of making karaoke happen anywhere with these gadgets. The Bonaok Karaoke Microphone is one of our favorite karaoke microphones, letting you sing anywhere without lugging bulky equipment. The Ikarao Shell S2 is a portable device with two mics, a built-in screen, and support for streaming services, so you can sing along to your favorite songs on Spotify.
For the Fitness Couple
After the Christmas season, I saw a video on my For You page that roasted how every mom had clearly gotten a matching workout outfit set for Christmas and was out wearing it on Boxing Day. As a mom myself, all I could think of was how much I would love another matching workout set. I’m serious. They’re great for workouts, quick errands, and day care or school drop-off. My latest favorite set is from Bombshell Sportswear. The set is both super soft and fits securely without any annoying squeezing. It’s getting the most compliments of all my sets. I wish I’d sized up with the bolero, but as an aerialist, my lat muscles are a little bulkier than an everyday person’s.
Have a partner who doesn’t need a matching set? Try some fantastic running shoes instead, which are even more useful for both workouts and daily life. WIRED reviewer Adrienne So says these R.A.D. shoes are fantastic for a range of uses, as they’re designed for gym, HIIT, CrossFit, and hybrid workouts and are soft enough for treadmill running. They look fantastic, too.
For the Beloved Bookworms
A Kindle is always a great gift for anyone who reads in any format. Funny enough, my siblings and I are about to buy one for my dad for his birthday (two weeks before Valentine’s Day), and I recommended my favorite pick, the Kindle Paperwhite, since the standard Kindle is a little too small for his 6-foot-4 frame to hunch down over, and he doesn’t read enough illustrated books to make the Colorsoft the right jump for him. If they already have a Kindle, I’m still in love with my matching PopSockets Kindle case and grip, and they’ve since launched a new Bookish collection with beautiful designs.
For Some Bedroom Spice
Looking to spice things up? These adventure boxes can add more fun to the bedroom without creating additional mental work for you and your partner. An offshoot from the Adventure Challenge, “The Adventure Challenge … In Bed” scratch-off date book has 50 date ideas designed specifically to help facilitate fun and connection in the bedroom. The dates are categorized by activity type in sections like food, dancing, “sexploration,” and more. Each date is covered by a black box, with only icons indicating required fields such as duration, cost, and more. Meanwhile, the Fantasy Box is a date-night box service offering a range of themes, from sexy wine tasting to a kinky poker night, all designed to help couples communicate and connect more intimately. Before opening the box, each partner will fill out a questionnaire of potential intimate acts, and this box comes with everything needed for a truly kinky night in: a satin blindfold, pleather paddle, lingerie, lube, massage gel, feather wand, mini vibrator, and silky wrist restraints. —Molly Higgins
Power up with unlimited access to WIRED. Get best-in-class reporting and exclusive subscriber content that’s too important to ignore. Subscribe Today.
2026 NBA All-Star: Biggest surprises and snubs as full rosters revealed
Kennedy Center to close for construction for 2 years, Trump says
D-St blues! Sensex sheds 1.5K, biggest drop on a Budget day – The Times of India
-
Sports5 days agoPSL 11: Local players’ category renewals unveiled ahead of auction
-
Entertainment5 days agoClaire Danes reveals how she reacted to pregnancy at 44
-
Fashion1 week agoSpain’s apparel imports up 7.10% in Jan-Oct as sourcing realigns
-
Tech1 week agoICE Asks Companies About ‘Ad Tech and Big Data’ Tools It Could Use in Investigations
-
Sports5 days agoCollege football’s top 100 games of the 2025 season
-
Business6 days agoBanking services disrupted as bank employees go on nationwide strike demanding five-day work week
-
Fashion1 week agoTurkiye cuts benchmark rate to 37%, flags confidence on inflation
-
Fashion1 week agoAustralian wool prices climb again as exporters drive demand