Exclusive: Lab tests discover ‘new form of insider risk’ with artificial intelligence agents engaging in autonomous, even ‘aggressive’ behaviours

Robert Booth UK technology editor

Rogue artificial intelligence agents have worked together to smuggle sensitive information out of supposedly secure systems, in the latest sign cyber-defences may be overwhelmed by unforeseen scheming by AIs.

With companies increasingly asking AI agents to carry out complex tasks in internal systems, the behaviour has sparked concerns that supposedly helpful technology could pose a serious inside threat.

Kensington and Westminster councils investigating whether data has been compromised as Hammersmith and Fulham also reports hack

Three London councils have reported a cyber-attack, prompting the rollout of emergency plans and the involvement of the National Crime Agency (NCA) as they investigate whether any data has been compromised.

The Royal Borough of Kensington and Chelsea (RBKC), and Westminster city council, which share some IT infrastructure, said a number of systems had been affected across both authorities, including phone lines. The councils shut down several computerised systems as a precaution to limit further possible damage.

Sensitive information relates to more than 100 individuals and their referees

Personal details submitted by applicants for a job at Tate art galleries have been leaked online, exposing their addresses, salaries and the phone numbers of their referees, the Guardian has learned.

The records, running to hundreds of pages, appeared on a website unrelated to the government-sponsored organisation, which operates the Tate Modern and Tate Britain galleries in London, Tate St Ives in Cornwall and Tate Liverpool.

Hackers stole personal information of 6.6m people but outsourcing firm did not shut device targeted for 58 hours

The outsourcing company Capita has been fined £14m for data protection failings after hackers stole the personal information of 6.6 million people, including staff details and those of its clients’ customers.

John Edwards, the UK information commissioner who levied the fine, said the March 2023 data theft from the group and companies it supported, including 325 pension providers, caused anxiety and stress for those affected.

As Keir Starmer aims to revive ID card system first proposed by Tony Blair, we look at the arguments for and against

It is 21 years since Tony Blair’s government made proposals for an ID card system to tackle illegal working and immigration, and to make it more convenient for the public to access services.

The same issues are on the agenda again as Keir Starmer revives what became one of New Labour’s most controversial policies. He is about to find out if he can defeat the argument that David Cameron’s Conservatives made before scrapping it. They said the ID card approach to personal privacy was “the worst of all worlds – intrusive, ineffective and enormously expensive”.

Audit watchdog finds 58 critical IT systems assessed in 2024 had ‘significant gaps in cyber-resilience’

The threat of potentially devastating cyber-attacks against UK government departments is “severe and advancing quickly”, with dozens of critical IT systems vulnerable to an expected regular pattern of significant strikes, ministers have been warned.

The National Audit Office (NAO) found that 58 critical government IT systems independently assessed in 2024 had “significant gaps in cyber-resilience”, and the government did not know how vulnerable at least 228 ageing and outdated “legacy” IT systems were to cyber-attack. The NAO did not name the systems for fear of helping attackers choose targets.