惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

量子位
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
WordPress大学
WordPress大学
G
Google Developers Blog
博客园 - 三生石上(FineUI控件)
Last Week in AI
Last Week in AI
IT之家
IT之家
博客园_首页
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
爱范儿
爱范儿
大猫的无限游戏
大猫的无限游戏
博客园 - Franky
U
Unit 42
Security Archives - TechRepublic
Security Archives - TechRepublic
C
Cisco Blogs
S
Schneier on Security
T
Threatpost
阮一峰的网络日志
阮一峰的网络日志
Microsoft Security Blog
Microsoft Security Blog
The Cloudflare Blog
博客园 - 聂微东
C
Cybersecurity and Infrastructure Security Agency CISA
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
Blog — PlanetScale
Blog — PlanetScale
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Engineering at Meta
Engineering at Meta
M
MIT News - Artificial intelligence
aimingoo的专栏
aimingoo的专栏
博客园 - 叶小钗
Cisco Talos Blog
Cisco Talos Blog
P
Palo Alto Networks Blog
MongoDB | Blog
MongoDB | Blog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
V
V2EX
L
Lohrmann on Cybersecurity
Latest news
Latest news
小众软件
小众软件
有赞技术团队
有赞技术团队
Know Your Adversary
Know Your Adversary
Simon Willison's Weblog
Simon Willison's Weblog
B
Blog
雷峰网
雷峰网
K
Kaspersky official blog
美团技术团队
D
Darknet – Hacking Tools, Hacker News & Cyber Security
C
Check Point Blog
Recorded Future
Recorded Future
博客园 - 【当耐特】
Microsoft Azure Blog
Microsoft Azure Blog
H
Help Net Security

The Register - Security: CSO

Anthropic's Mythos has The Kettle crew curious, skeptical 'People's Panel' to check if UK wants controversial Digital ID will cost £630K Top npm package backdoored to drop dirty RAT on dev machines Lightning-fast exploits mean patch fast, says Cisco Talos Lightning-fast exploits mean patch fast, says Cisco Talos Smooth criminals talking their way into cloud environments, Google says Cybercrime up 245% since the start of the Iran war Scattered Lapsus$ Hunters seeks women to defraud helpdesks Every day in every way, passwords are getting worse CISA quietly updated ransomware flags on 59 flaws last year Deepfake job seeker applied to work for an AI security firm Deepfake job seeker applied to work for an AI security firm AI-powered cyberattack kits are 'just a matter of time' AI-powered cyberattack kits are 'just a matter of time' FortiGate SSO bug still exploitable despite December patch FortiGate SSO bug still exploitable despite December patch Judge tosses CrowdStrike shareholder suit over 2024 outage DRAM shortage may drive firewall prices higher: analysts Ransomware attacks kept climbing in 2025 as gangs refused to stay dead Around 1,000 systems compromised in ransomware attack on Romanian water agency 1,000 systems pwned in Romanian Waters ransomware attack Half of exposed React servers remain unpatched amid attacks CISA warns spyware crews are breaking into Signal and WhatsApp accounts FCC guts Salt Typhoon telco rules despite espionage risk CISA orders feds to patch Oracle Identity Manager zero-day SEC drops SolarWinds lawsuit that painted a target on CISOs everywhere SEC bails on SolarWinds lawsuit Palo Alto kit sees massive surge in malicious activity amid mystery traffic flood Palo Alto kit sees massive surge in malicious activity Countries use cyber targeting to plan strikes: Amazon CSO Overconfidence is the new zero-day as teams stumble through cyber simulations UK's Cyber Security and Resilience Bill makes Parliamentary debut Cyber insurers paid out over twice as much for UK ransomware attacks last year Cyberpunks mess with Canada's water, energy, and farm systems Trump's workforce cuts blamed as America's cyber edge dulls Feds flag active exploitation of patched Windows SMB vuln How malware vaccines could stop ransomware's rampage Salesforce refuses to pay ransomware crims' extortion demand Germany slams brakes on EU's Chat Control snoopfest Germany slams brakes on EU's Chat Control snoopfest Employees regularly paste company secrets into ChatGPT Oracle tells Clop-targeted EBS users to apply July patch Red Hat repos raided, claims cybercrew, files stolen Suspected Chinese spies broke into 'numerous' enterprises UK gov acknowledges 'strong case' for JLR financial support JLR extends shutdown – again – as toll on workers laid bare UK chancellor blames cyberattacks on Russia despite evidence Fortra discloses 10/10 severity bug in GoAnywhere MFT Entra ID bug could have granted access to every tenant UEFI Secure Boot for Linux Arm64 – where do we stand? JLR says cyber cleanup to take additional week Insider blamed for FinWise data breach affecting nearly 700K Nork snoops whip up fake military ID with help from ChatGPT UK government dragged for incomplete security reforms US spy chief claims UK backdown on Apple backdoor demand Workday confirms CRM breach via social engineering Black Hat/DEF CON: AI more useful for defense than hacking Ex-White House cyber guru talks Microsoft security fails CISA releases malware analysis for Sharepoint Server attack China: US spies used Microsoft Exchange 0-day to steal info Security pros drowning in threat-intel data Identity attacks surge 156% as phishermen get craftier Organizations can’t keep up with supply chain security musts Amazon CISO: Iranian hacking crews ‘on high alert’ UK data watchdog fines 23andMe £2.3M over 2023 breach Employers are demanding too much from junior cyber recruits FCA warned four staffers who pocketed regulator data Ransomware just wrecked your network – now what? Ivanti RCE attacks 'ongoing,' exploitation hits clouds Ex-NSA listened to Scattered Spider's calls: 'They're good' Snowflake CISO talks lessons learned from breaches, improv Why CVSS is failing us and what we can do about it Infosec pros still aren't nailing the basics of AI security Ransomware crims targeting systems between IT and operations Why aggregating asset inventory leads to better security NCSC and industry at odds over how to tackle shoddy software Powerschool extortionists may not have deleted stolen data CrowdStrike trims workforce by 5 percent, aims to rely on AI NSO Group must pay Meta $168M in WhatsApp spy case Ghost in the shell script: Boffins seek code correctness How Intruder finds what others miss in cloud security Linux malware can avoid syscall-based endpoint protection Infosec pro blabs about alleged malware mishap on LinkedIn The future of AI in cybersecurity in a word – optimistic CVE board 'kept in the dark' on funding, members say Security snafus caused by third parties up from 15% to 30% Blue Shield shared 4.7M people's health info with Google Ads Who needs phishing when your login's already in the wild? US cyber defenses are being dismantled from the inside Bug hunter obtains an SSL cert for Alibaba Cloud in 5 steps
Church of England abuse victims exposed by lawyer's email
Connor Jones Connor Jones · 2025-08-28 · via The Register - Security: CSO

CSO

Law firm email blunder exposes Church of England abuse victim details

Apology issued after names tied to redress scheme revealed in mass mailing

A London law firm leaked the details of nearly 200 people who requested to receive updates about the redress scheme set up for victims of abuse at the hands of the Church of England (CoE).

City firm Kennedys Law confirmed that due to "human error," the email addresses of 194 individuals and law firms were exposed to all recipients.

It said it made attempts to recall the emails, but these "were only partially successful."

The redress scheme, established for victims of abuse by those who held positions of power in the Church, including priests and bishops, was only recently set to start opening its application process after a bill was approved in July to begin its passage to law.

"Kennedys is deeply sorry for the hurt and concern caused to everyone affected by this significant error and accepts full responsibility," it said in a statement. "We have contactedeveryone who received the message and have reported the incident to the Charity Commission, the Information Commissioner's Office and the Solicitor's Regulatory Authority. We will fully comply with any investigations.

"We understand the significant impact this will have on those affected for which we apologise unreservedly. We remain committed to supporting victims and survivors of Church of England-related abuse to secure the financial redress, therapeutic, spiritual and emotional support, acknowledgement of wrongdoing on the part of the Church, apology and other forms of bespoke redress under this scheme."

The law firm added that an internal investigation was launched to understand how this happened, promising to incorporate all learnings "immediately."

The CoE said: "While the Church of England is not the data controller for the Redress Scheme and does not hold or manage the data in question, we are nonetheless profoundly concerned. We are in discussions with Kennedys to understand how this breach occurred and to ensure robust steps are taken to prevent anything similar from happening again.

"This should not have happened. We will continue to monitor the situation closely and support efforts to restore trust and confidence."

Cases of CoE abuse date back decades. The Independent Inquiry into Child Sexual Abuse (IICSA), published in 2022, revealed that between the 1940s and 2018, 390 Church associates were convicted of child sex abuse crimes.

It also noted that until 2015, the CoE's safeguarding arrangements – which represent 85 million Anglicans globally – were under-resourced. 

This changed in late 2015, around a year after the idea of a redress scheme was first discussed between survivors and Church officials, according to the House of Survivors group's timeline.

Over the years, the number of victims at the CoE alone is estimated to be in the many thousands, including children, teenagers, and adults. 

Church dioceses received 3,287 reports of concerns and allegations in 2017 alone, representing a 50 percent increase compared to 2015.

Numerous convictions have been secured in recent years, and former long-serving Archbishop of Canterbury, Justin Welby, was forced to resign in 2024 over his failure to investigate claims of historical abuse.

"The Church of England failed to respond consistently to victims and survivors with sympathy and compassion, accompanied by practical and appropriate support," the IICSA noted. "This often added to the trauma of those who had experienced child sexual abuse by individuals connected to the Church.

"While there have been important improvements in child protection practice, the Church of England still has more to do to rebuild the trust of victims and survivors. Some internal past case reviews were flawed and inaccurate, and there was a tendency to minimise offending."

The incident, which is the latest of the many ways CoE abuse victims have been failed over the years, is just one in a litany of email-related failures that have affected vulnerable people in the UK and abroad.

The most notable case in recent years was the Ministry of Defence's infamous leak of the 19,000 Afghan individuals who worked with British armed forces in fighting the Taliban, which also included British spies and SAS troops.

Standard email etiquette became so concerning in 2023 that the Information Commissioner's Office was forced to issue a reminder of the dangers associated with confusing CC and BCC.

It cited cases involving an NHS Trust and an unspecified charity, which exposed the identities of patients and members of an HIV advisory board, respectively.  ®