A cyberattack on Intradev, the external software supplier for Access Personal Checking Services (APCS), led to unauthorized access and exfiltration of personal data submitted for Disclosure and Barring Service (DBS) checks by Activate Learning and other educational institutions. The breach, discovered on August 17, exposed sensitive information collected between December 2023 and May 8, 2024, including names, dates of birth, email/postal addresses, National Insurance Numbers, passport details, and driving licence information. While payment card details and criminal records remained secure, the incident compromised data of individuals undergoing DBS applications. APCS confirmed no breach of its own or Activate Learning’s networks but is investigating the full scope. Affected parties were advised to monitor financial activity, enable two-factor authentication, and report phishing attempts. The Information Commissioner’s Office (ICO) was notified, and updates are pending as the investigation continues.
Source: https://www.bracknellnews.co.uk/news/25471584.bracknell-wokingham-college-hit-cyber-attack/
TPRM report: https://www.rankiteo.com/company/activate-learning-education-trust
"id": "act3192331091625",
"linkid": "activate-learning-education-trust",
"type": "Breach",
"date": "12/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'education',
'location': 'Church Road, Bracknell, UK',
'name': 'Activate Learning (Bracknell and Wokingham '
'College)',
'type': 'educational institution'},
{'industry': 'background checks / DBS services',
'name': 'Access Personal Checking Services (APCS)',
'type': 'service provider'},
{'industry': 'technology / software',
'name': 'Intradev',
'type': 'software supplier'}],
'customer_advisories': ['Change passwords and enable 2FA',
'Monitor financial accounts for fraudulent activity',
'Be cautious of phishing emails or suspicious '
'contacts',
'Contact the data protection team with concerns'],
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High (includes government-issued IDs '
'and personal details)',
'type_of_data_compromised': ['personally identifiable '
'information (PII)',
'government-issued identifiers '
'(National Insurance Numbers, '
'passport details, driving '
'licence information)']},
'date_detected': '2024-08-17',
'description': "The breach involves unauthorised access to Intradev's "
'systems, the external software supplier for Access Personal '
'Checking Services (APCS), leading to the copying of personal '
'data files used for Disclosure and Barring Service (DBS) '
'checks. The compromised data, collected between December 2023 '
'and May 8, 2024, includes names, dates of birth, email '
'addresses, postal addresses, places of birth, gender, '
'National Insurance Numbers, passport details, and driving '
'licence information. Payment card details and criminal '
'conviction records were not affected. APCS and Activate '
"Learning's own networks were not breached. An investigation "
'is ongoing to determine the full scope of the incident.',
'impact': {'brand_reputation_impact': 'Potential risk due to exposure of '
'sensitive personal data; vigilance '
'advised for affected individuals',
'data_compromised': ['names',
'dates of birth',
'email addresses',
'postal addresses',
'places of birth',
'gender',
'National Insurance Numbers',
'passport details',
'driving licence information'],
'identity_theft_risk': 'High (personal data exposed; individuals '
'advised to monitor financial statements '
'and watch for phishing attempts)',
'legal_liabilities': "Reported to the Information Commissioner's "
'Office (ICO); ongoing risk assessment',
'operational_impact': 'None reported; APCS services continue as '
'usual',
'payment_information_risk': 'None (payment card details confirmed '
'not compromised)',
'systems_affected': ["Intradev's systems (external software "
'supplier)']},
'initial_access_broker': {'high_value_targets': ['DBS application data '
'(December 2023 – May 8, '
'2024)']},
'investigation_status': 'Ongoing (APCS leading investigation to determine '
'full scope of compromised data)',
'ransomware': {'data_exfiltration': True},
'recommendations': ['Monitor financial statements for unusual activity',
'Change passwords and use unique passwords for different '
'accounts',
'Enable two-factor authentication (2FA)',
'Update security settings regularly',
'Remain vigilant against phishing attempts and '
'unsolicited requests for personal information',
'Report suspicious activity to the data protection team'],
'references': [{'source': 'Activate Learning public statement'}],
'regulatory_compliance': {'regulations_violated': ['UK GDPR (potential '
'violation due to '
'unauthorised data '
'access)'],
'regulatory_notifications': ['Information '
"Commissioner's Office "
'(ICO)']},
'response': {'communication_strategy': ['Public statement by Tyron Bancroft '
'(Group Head of Risk and Resilience, '
'Activate Learning)',
'Direct communication with confirmed '
'affected data controllers',
'Advisories for individuals to remain '
'vigilant against phishing and '
'identity theft'],
'incident_response_plan_activated': True,
'remediation_measures': ['Ongoing investigation to determine '
'full scope of compromised data',
'Contacting data controllers where '
'breach is confirmed',
'Advising individuals to monitor '
'financial statements, change '
'passwords, enable two-factor '
'authentication, and update security '
'settings'],
'third_party_assistance': ['Intradev (investigation support)']},
'stakeholder_advisories': ['Data controllers where breach is confirmed are '
'being contacted directly',
'General advisory for individuals to take '
'precautionary measures'],
'title': 'Unauthorised Access to DBS Check Data via Intradev Systems '
'Affecting Activate Learning and APCS',
'type': ['data breach', 'cyberattack', 'unauthorised access']}