Ottawa man arrested after cyber attacks on prominent security author and researchers
In May 2026, Canadian authorities arrested a 23-year-old Ottawa man suspected of operating the malicious botnet known as Kimwolf.
The botnet is thought to have used millions of infected Internet of Things (IoT) devices such as ‘smart’ picture frames and webcams, which would typically sit behind firewalls within closed Wi-Fi networks, and which were then used in cyber attacks or rented out to cyber attackers for use in very large Distributed Denial of Service (DDoS) attacks.
DDoS attacks operate by overwhelming targets with fraudulent Internet traffic. At a reported 30 Terabits per second, the attacks via the Kimwolf botnet achieved volumes not previously recorded.
The suspect, who used the moniker ‘Dort’, had previously been identified by US-based cybersecurity expert Brian Krebs; Dort had harassed and carried out cyber attacks against several cybersecurity researchers who had been working to ascertain his true identity.
The bot network that Dort controlled allegedly also carried out attacks affecting government Internet addresses including those of the US Department of Defence. The suspect faces charges in Canada and in the US, where he is also subject to an extradition warrant.
The incident is a reminder of the vulnerabilities of connected devices, even when recommended security protocols may be followed. Past notable examples of IoT devices being infiltrated include: webcams and baby monitors; home security systems and connected doorbells; as well as internet-enabled vehicles.
UK police told to stop using AI in court statements
The National Centre for AI in Policing, known as ‘Police.AI’, has said that police forces must stop using AI in the preparation of court statements, following concerns that improper inputs could contaminate legal proceedings.
Police.AI issued a warning to ‘pause’ the use of AI after some forces were understood to have been using ‘commercially available’ AI tools for tasks such as creating witness statements from officers’ notes. Another use raising concern was the preparation of disclosure schedules listing evidence to be provided to the defence team in criminal proceedings.
A particularly worrying example of how AI can lead to errors occurred when West Midlands Police last year relied on Microsoft’s Copilot in its planning around a football match between Maccabi Tel Aviv and Aston Villa. The AI ‘hallucinated’ a past match involving Maccabi, which was included in the police dossier in support of banning the team’s fans from attending the planned match.
Alex Murray, head of the Police.AI centre, said that police forces will now all have in place an AI policy that sets out the need to ‘check everything that it produces.’ He added, in his broad assessment of the opportunities afforded by AI in policing:
“I think the benefit that automation offers, with the appropriate guardrails, policy and training, outweighs the disadvantages.”
South Staffordshire water companies fined for data security failings
The UK Information Commissioner’s Office (‘ICO’) issued a fine of £963,900 against South Staffordshire Plc and South Staffordshire Water Plc (‘Staffordshire’) following a cyber attack in May 2022, which resulted in the personal data of 633,887 customers being exfiltrated and published on the dark web.
As with other notable recent cyber incidents, the attack started with a successful phishing email containing an attachment. Once the attachment was opened, malicious software was installed on the company’s network, where it remained undetected for 20 months. In July 2022, a ransom note was discovered, which the attackers had unsuccessfully attempted to send to several of the companies’ employees.
The 4.1 terabytes of data stolen by the attackers included:
The ICO found that the companies had failed to implement appropriate data security measures, noting in particular:
The ICO noted that the fine was agreed with the organisations following their engagement with investigators and commitments to make improvements in their approach to data security. The agreed fine represented a 40% reduction in the originally proposed penalty, following Staffordshire’s early admission of liability and acceptance of the ICO’s findings.
European Commission orders Meta to allow third party AI to access WhatsApp
The European Commission (‘EC’) is investigating whether Meta’s practice of limiting access to WhatsApp data to Meta’s own AI assistant amounts to an abuse of its dominant position in the market. Whilst that investigation continues, the EC has issued an interim decision ordering Meta to allow third party general purpose AI (‘GPAI’) tools free access to WhatsApp chats via the WhatsApp for Business API; the position which the EC stated had been in place until October 2025. Meta had banned such third party tools commencing in December 2025.
Teresa Ribera, the EC’s Executive Vice-President for a Clean, Just and Competitive Transition explained the EC’s position:
“These interim measures will safeguard competition in the growing market for AI assistants, by preserving a key entry point to reach consumers in Europe – WhatsApp – and allowing AI companies to innovate, scale up and reach their full potential. With today’s decision, we also preserve choice for citizens across Europe on the AI assistants they want to use with WhatsApp, without that decision being made for them.”
For further information please contact James Tumbridge and Robert Peake.