Retailer Debenhams has said that up to 26,000 customers of its Flowers website have had their personal data compromised following a cyber-attack.
Payment details, names and addresses were potentially taken during the incident, which targeted Ecomnova, a third party e-commerce company.
Debenhams said it has contacted customers whose data was accessed.
Customers of Debenhams.com, a separate website, have not been affected, the company added.
The attack took place between 24 February and 11 April and the Debenhams Flowers website is currently offline.
“Our communication to affected customers includes detailing steps that we have taken and steps that those customers should take,” Debenhams said in a statement.
A spokeswoman told the BBC that emails have been sent to just under 26,000 customers and that this will be followed up with a letter in the post.
“As soon as we were informed that there had been a cyber-attack, we suspended the Debenhams Flowers website and commenced a full investigation,” said Debenhams chief executive Sergio Bucher in a statement.
“We are very sorry that customers have been affected by this incident and we are doing everything we can to provide advice to affected customers and reduce their risk.”
The Information Commissioner’s Office (ICO) has been informed of the incident.
The Home Office denied there was anything new in the consultation.
Phone companies and internet service providers would be asked to provide “data in near real time” within one working day, according to one clause in the technical capabilities paper.
Such access would need to be sanctioned by secretaries of state and a judge appointed by the prime minister.
The paper also echoes the IP Act itself, noting that tech companies would be required to remove – or enable the removal – of encryption from communications as they would need to be provided “in an intelligible form” without “electronic protection”.
Under the terms of the Investigatory Powers Act, telecoms firms would have to carry out the requirements of any notices to these effects in secret, so the public would be unaware that such access had been given.
Simultaneous surveillance could occur in bulk, but be limited to one in every 10,000 users of a given service – a maximum of roughly 900 of BT’s 9 million British broadband customers, for instance.
A consultation about the paper – due to end on 19 May – is allegedly under way at the moment, though this was not publicly announced by the government.
It does not have a legal obligation notify the public about draft regulations, which would have to be passed by both Houses of Parliament in order to become law.
A BT spokesman confirmed the company had received “a copy of draft regulations, to be made under the Investigatory Powers Act 2016, in relation to technical capability notices” – but did not comment further.
“The public has a right to know about government powers that could put their privacy and security at risk,” said Jim Killock, executive director of the Open Rights Group, explaining the decision to publish the document.
“It seems very clear that the Home Office intends to use these to remove end-to-end encryption – or more accurately to require tech companies to remove it,” said Dr Cian Murphy, a legal expert at the University of Bristol who has criticised the scope of the IP act.
“I do read the regulations as the Home Office wanting to be able to have near real-time access to web chat and other forms of communication,” he told the BBC.
Home Secretary Amber Rudd has previously argued that the Investigatory Powers Act is necessary to curb “new opportunities for terrorists” afforded by the internet.
Surveillance of some mobile phone user data in “as near real-time as possible” has already been available to law enforcement authorities for many years, noted Dr Steven Murdoch at University College London.
The UK’s Internet Service Providers’ Association (Ispa), which represents BT, Sky, Virgin Media, TalkTalk and others, said it would be “consulting its members and submitting a response to the draft regulations”.
Nasa is seeking help from coders to speed up the software it uses to design experimental aircraft.
It is running a competition that will share $55,000 (£42,000) between the top two people who can make its FUN3D software run up to 10,000 times faster.
The FUN3D code is used to model how air flows around simulated aircraft in a supercomputer.
The software was developed in the 1980s and is written in an older computer programming language called Fortran.
“This is the ultimate ‘geek’ dream assignment,” said Doug Rohn, head of Nasa’s transformative aeronautics concepts program that makes heavy use of the FUN3D code.
In a statement, Mr Rohn said the software is used on the agency’s Pleiades supercomputer to test early designs of futuristic aircraft.
The software suite tests them using computational fluid dynamics, which make heavy use of complicated mathematical formulae and data structures to see how well the designs work.
Once designs are proved on the supercomputer, scale models are tested in wind tunnels and then finally experimental craft undergo real world testing.
Significant improvements could be gained just by simplifying a heavily used sub-routine so it runs a few milliseconds faster, said Nasa on the webpage describing the competition. If the routine is called millions of times during a simulation this could “significantly” trim testing times, it added.
Nasa said it would provide copies of the code to anyone taking part so they can analyse it, find bottlenecks and suggest modifications that could speed it up. Nasa is looking for the code to run at least 10 times faster but would like it quickened by thousands of times, if possible.
Any changes to FUN3D must not make it less accurate, said Nasa.
The sensitive nature of the code means the competition is only open to US citizens who are over 18.
During the attack, users were sent a deceptive invitation to edit a Google Doc, with a subject line stating a contact “has shared a document on Google Docs with you”.
The email address hhhhhhhhhhhhhhhh@mailinator[.]com was also copied in to the message; Mailinator, a free email service provider has denied any involvement.
If users clicked on the “Open in Docs” button in the email, they were then taken to a real Google-hosted page and asked to allow a seemingly real service, called “Google Docs”, to access their email account data.
By granting permission, users unwittingly allowed hackers to potentially access to their email account, contacts and online documents.
The malware then e-mailed everyone in the victim’s contacts list in order to spread itself.
“This is a very serious situation for anybody who is infected because the victims have their accounts controlled by a malicious party,” Justin Cappos, a cyber security professor at NYU, told Reuters.
According to PC World magazine, the scam was more sophisticated than typical phishing attacks, whereby people trick people into handing over their personal information by posing as a reputable company.
This is because the hackers bypassed the need to steal people’s login credentials and instead built a third-party app that used Google processes to gain account access.
The Russian hacking group Fancy Bear has been accused of using similar attack methods, but one security expert doubted their involvement.
“I don’t believe they are behind this… because this is way too widespread,” Jaime Blasco, chief scientist at security provider AlienVault, told PC World.
Google said the spam campaign affected “fewer than 0.1%” of Gmail users. That works out to about one million people affected.
Last year, an American man pleaded guilty to stealing celebrities’ nude pictures by using a phishing scam to hack their iCloud and Gmail accounts.
The Hughes family in Manchester have quit their jobs and put everything they own into building a social network aimed solely at sports fans. But can they take on the giants?
“We see ourselves sitting at the top table with the big boys,” says father Perry Hughes confidently.
“We don’t think we’re taking on the competition.”
It might sound optimistic to put your family business in the same league as the multi-billion dollar social networks but the Hughes family certainly have the passion to give it a go.
Their big idea is GameDay Xtra, which has the bold ambition of hosting a page for every single sports team and player in the world – with even the humblest of leagues able to share their own news.
Son Sam, 21, has suspended his university studies and works through the night on the project. Daughter Mollie, 18, handles the social media side.
GameDay is purely for sports fans, the family say.
Members get live news feeds of sporting events, form their own groups and networks, follow games play-by-play, and in future will also be able to play bespoke interactive games themselves within the site.
“Super fans” will also be able to run the team or player pages of their choice if the real deal doesn’t snap up their own page themselves.
The family say it currently has a few thousand members and will open for broader membership in August this year.
“We saw an opening in the market,” says Sam, who is also an eSports video game player.
“It’s good to work with family. We’re all hard working, committed to the project.”
Perry Hughes admits the family “panicked” when Facebook launched its Sports Stadium for sports fans in January 2016 but these days he does not consider them to be GameDay’s rivals.
In fact two Facebook execs have joined the closed trial, he claims.
“When we saw what they did [with Stadium] we laughed,” he says.
There are five planned “phases” for the platform, and the family are secretive about what those will be.
Phase two will be only unleashed once they have one million members because the licensing is going to be expensive, Mr Hughes says.
“Phase three will be: ‘what have they built!’” he teases.
Perhaps unsurprisingly, financing the idea has proved to be the biggest challenge.
“We went to a lot of investors. They said the scale of the project was too big,” said Mr Hughes.
“We sold the house, the cars, everything. We ran out of money twice.
“We all gave up our jobs and committed totally to this. At times it’s been lonely.
“When you put all your money into one project you are keeping an eye on everything.”
They have now secured significant funding from a Russian backer, whom they decline to identify.
The family are also coy about how they plan to make money from GameDay but hint that it will be similar to Facebook and Instagram’s business model.
“We will be carrying some ads – but we don’t want to end up with loads of videos and so on,” said Mr Hughes.
“This is not about ‘build it, sell it and move on’. We think we are going to change the way media is done.”
Emma Sinclair MBE, tech entrepreneur and investor, said she admired their ambition but was “unconvinced” that the platform could live up to the family’s expectations.
“Sports fans are already likely using one or more of Facebook, Twitter, Instagram and SnapChat. That’s in addition to text, Whatsapp, email. And they will no doubt have their favourite sports hubs too relating to teams they support and commentators they follow,” she said.
“There’s a lot of competition and noise out there and for a start-up on a small budget, competing with giants and established players for attention is an expensive and ambitious job.
“As an angel investor and with the little information I have to hand, I am currently unconvinced that this site has the capacity to disrupt the market and come out on top as a key hub for sports fans as things stand.
“This being a site in beta however, I hope they prove me wrong and I wish them luck.”
Apple sold fewer iPhones than a year ago in the first three months of 2017, the company said in its latest results.
The California firm, which is due to release a new phone later this year, said it sold 50.8 million iPhones in the period, down 1% year-on-year.
Apple boss Tim Cook blamed a “pause” as customers wait for the next iPhone.
Shares in the firm fell nearly 2% in after-hours trading after earlier hitting a record high on expectations of better results.
Apple reported a 4.6% rise in revenue across the whole company to $52.9bn (£41bn), slightly below analysts’ forecasts.
The dip in iPhone sales was offset by services, including Apple Pay, iCloud and the App store, which recorded an 18% increase in sales to $7bn.
Mr Cook also pointed to growth in sales of Apple Watch, as well as its AirPods and Beats earphones.
Despite falling unit sales, revenue from iPhones still climbed 1% to $33.2bn due to “robust” sales of its bigger, more expensive iPhone 7 Plus.
Analysis: Expectations high for 10th anniversary iPhone
By Dave Lee, BBC North America technology reporter
This is always the least impressive time of year for Apple’s earnings, come as it does after the Christmas period.
But worse-than-expected iPhone sales had investors slightly unhappy after anticipation of strong earnings sent shares to record highs earlier on Tuesday.
Tim Cook told investors he was also pleased with the continued growth of its Services division – that’s things like Apple Music, Apple TV, iTunes and so on – but the health of Apple is only realistically measured with the success of that all-conquering smartphone.
Which is why the rest of the year will be exciting to watch.
With the iPhone’s 10th anniversary upon us, expectations are high for the next device.
Anything short of a major improvement would be troubling for investors who are banking on the next iPhone being a blockbuster, not an incremental upgrade.
Analysts at GlobalData Retail noted that Apple’s revenue from iPhones was $7bn less than the same period two years ago.
“We highlight these facts not to be unduly harsh to Apple, but to indicate that the company has only partially emerged from the slump that hit it over the last fiscal year,” Neil Saunders, managing director of GlobalData Retail, wrote in a note.
“In our view, the company’s mature product line up and an absence of any significant new devices mean it has struggled to regain all of the lost ground,” he added.
China, which was partly to blame for the slowdown last year, was again difficult for Apple. Revenue from China dropped 14%, although Mr Cook partly blamed currency fluctuations for the fall.
Apple said quarterly profits were $11bn worldwide, up 4.9% from the same period in 2016.
The firm also announced it would return an extra $50bn to shareholders.
A malicious hacker has reportedly released 10 episodes of the new series of TV show ‘Orange is the New Black’.
The episodes are believed to have been uploaded to file-sharing sites across the net after US media firm Netflix refused to pay a ransom.
The shows were due to be released officially from 9 June onwards.
The hacker who stole the episodes said they had also managed to steal series from other broadcasters including ABC, Fox and National Geographic.
Netflix told Entertainment Weekly that it was “aware of the situation” and added: “A production vendor used by several major TV studios had its security compromised and the appropriate law enforcement authorities are involved.”
The FBI is also believed to be looking into the theft which is believed to have taken place in late 2016.
The hacker behind the theft uses the alias The Dark Overlord and before now has largely targeted hospitals and other healthcare institutions.
On 29 April, the hacker wrote a message on the Pastebin website which scolded Netflix for not paying the ransom.
It is not clear how much money the hacker wanted for keeping the stolen TV shows offline.
Turkey has blocked all access inside the country to the online encyclopaedia Wikipedia.
Officials said “an administrative measure” had been taken, but gave no reason why.
Turkish media said authorities had asked Wikipedia to remove content by writers “supporting terror”.
Turkey has temporarily blocked social media sites including Facebook and Twitter in the past, usually following protests or terror attacks.
The Turkey Blocks monitoring group said Wikipedia was unreachable from 08:00 (05:00 GMT). People in Istanbul were unable to access any pages without using a Virtual Private Network (VPN).
Switzerland investigates Turkey spying claims
Turkey blocks web drives after leak
Wikipedia founder creates news service
“After technical analysis and legal consideration based on the Law Nr. 5651 [governing the internet], an administrative measure has been taken for this website,” Turkey’s Information and Communication Technologies Authority was quoted as saying, giving no further details.
However, the Hurriyet daily newspaper said Wikipedia had been asked to remove content by certain writers whom the authorities accuse of “supporting terror” and of linking Turkey to terror groups. The site had not responded to the demands, Hurriyet said, and the ban was imposed as a result.
Turkey Blocks and Turkish media, including Hurriyet, said the provisional order would need to be backed by a full court ruling in the next few days.
Another day, another outage – by Mark Lowen, BBC Turkey Correspondent
It’s become all too familiar here: the endless “loading” icon followed by the message “server timed out”.
Blocking websites is a common tool of the Turkish authorities: Twitter, Facebook and YouTube have suffered the same fate several times, and numerous anti-government sites are inaccessible.
Critics say it smacks of Turkey’s repression of free speech: over half of all requests to Twitter to remove content have come from Turkey, and the country now ranks 155 of 180 in the press freedom index of the watchdog Reporters without Borders.
Social media was in uproar as news of the ban emerged, with some users speculating that it might be a bid to suppress criticism on President Recep Tayyip Erdogan’s Wikipedia page.
One Twitter user noted that the Wikipedia page on Turkey’s referendum has a section on “controversies and electoral misconduct”, and cites claims that the government suppressed the No campaign through “arrests, control of the media and political suppression”.
The Turkish government has previously denied censoring the internet, blaming outages on spikes in usage after major events.