Bull has won a €30 million, five-year contract to supply AI infrastructure for the Mimer AI Factory in Sweden.

Procured by EuroHPC JU and co-funded by the Digital Europe Programme and the Swedish Research Council, the system will be deployed at the National Academic Infrastructure for Supercomputing in Sweden, or NAISS, which hosts Mimer.

Launched in 2025, Mimer provides advanced computing access for industry and research in fields including life sciences, materials science, autonomous systems and gaming. The facility already supports more than 200 companies, according to Bull, and rising demand has created a need for additional AI-focused capacity.

The contract covers infrastructure, an AI platform and support for use cases. Bull will also provide maintenance, support and training for NAISS teams and end users.

The company plans to install a system based on its BullSequana XH3500 architecture, delivered through an as-a-service model with cloud-style access.

This is intended to make the system accessible to a wider range of users, particularly smaller businesses and start-ups that may lack the resources to run large computing systems directly. NAISS and its backers are presenting Mimer as part of a broader European effort to expand access to AI development tools and computing resources.

European push

The project is part of a wider European drive to build more domestic computing and AI infrastructure. EuroHPC JU, the public-private initiative for supercomputing, has been expanding support for systems designed for AI workloads as governments and research bodies seek to reduce dependence on non-European platforms.

According to Bull, the Mimer deployment will include software developed in Europe for the development, governance and operation of AI systems. The platform will also provide sector-specific environments for researchers, start-ups and small and medium-sized enterprises.

Energy use remains a central issue for large-scale AI and supercomputing installations. Bull said the infrastructure for Mimer will use its direct liquid cooling technology, which it says improves energy efficiency and supports longer-term expansion.

For Sweden, the contract adds to efforts to strengthen national and regional computing resources for research and industry. Mimer is aimed at users in both the public and private sectors, with an emphasis on helping organisations move from access to computing infrastructure to operational AI work.

Erik Lindahl, Professor at Linköping University and NAISS Director, described the project as an early AI-focused system under the EuroHPC framework.

“As one of the first AI-only systems deployed by EuroHPC JU, this is an important milestone for NAISS and the AI Factory infrastructure. It will enable SMEs, public sector actors, and researchers to rapidly deploy AI workloads. It is also a key enabler to develop sovereign language models and deliver impact in areas such as life sciences, materials science, and autonomous systems. We are excited to work with Bull on a platform that combines performance with a strong commitment to open source to strengthen Sweden’s capacity for secure AI,” said Lindahl.

Company position

The deal is also an early contract announcement for Bull as a standalone business. The company reports about €720 million in revenue, 3,000 staff and operations in 32 countries, spanning supercomputing, artificial intelligence and quantum technologies.

Chief executive Emmanuel Le Roux said the Mimer contract reflects Bull’s direction as it builds its position in advanced computing and AI.

“AI Factories are critical building blocks in scaling Europe’s AI infrastructure. With Mimer AI Factory, Bull is delivering not only high‐performance AI infrastructure, but a comprehensive portfolio of AI-dedicated assets, spanning systems, software, use cases and skills. As Bull enters a new chapter as an independent company, this contract illustrates our strategy to accelerate across the full spectrum of advanced computing and AI technologies – delivering sustainable solutions with tangible real-world impact. By supporting the expansion of Mimer AI Factory, Bull reinforces its role as a trusted partner in Europe’s HPC and AI landscape and contributes to the growth of a broad ecosystem of European innovators,” said Le Roux.

Recorded data breaches across 78 of England’s largest local councils rose 53% over five years, according to research by password management company Passpack. Referrals to the Information Commissioner’s Office (ICO) for the most serious incidents increased 41% over the same period.

The study drew on Freedom of Information responses from 78 of 100 councils contacted, covering 2021 to 2025. In the most recent reporting year supplied by each authority, the councils logged 16,902 incidents on internal breach registers and made 305 referrals to the ICO.

The figures cover a wide range of incidents, from emails sent to the wrong recipient to breaches serious enough to require notification to the regulator. Under UK GDPR, organisations must report a breach to the ICO within 72 hours if it is likely to pose a risk to individuals’ rights and freedoms.

Across the dataset, the ratio of internal incidents to ICO referrals was about 50 to one. This suggests most logged events were minor, but the rise in referrals points to an increase in incidents councils judged serious enough to have potential consequences for residents.

Largest rises

Among authorities with data for the full period, Wiltshire Council recorded the sharpest increase in internally logged incidents, up 601% from 341 in 2021 to 2,391 in 2025. Gateshead Council followed with a 302% increase, while the London Borough of Greenwich rose 215% and Salford City Council 191%.

Wiltshire also recorded the highest total number of incidents in the latest year covered, ahead of Bristol City Council with 721, Wakefield Council with 607, Sheffield City Council with 574 and Manchester City Council with 533.

Bristol recorded the highest number of ICO referrals in its latest reporting year, with 21. Cumberland Council and Cornwall Council each recorded 16, followed by Shropshire Council with 15 and the London Borough of Enfield with 14.

Council responses

Several councils said the figures reflected stronger internal reporting rather than a direct rise in damaging breaches or cyber attacks. Some also stressed the distinction between data-handling incidents and cyber security events.

A Manchester City Council spokesperson said the FOI data covered all types of potential data incidents, including near misses, cases where no data was lost and incidents flagged by other organisations that may have affected the council.

They said such incidents would not necessarily qualify as data breaches, and many did not involve personal data breaches. Many were low-level data-handling issues and did not involve unauthorised system access, malware or external threat actors, but were still reported internally as good practice.

The spokesperson added that annual mandatory GDPR training had improved staff understanding of good data practice and reporting responsibilities. Greater awareness, clearer reporting routes and better detection mechanisms meant issues that might previously have gone unreported were now being logged and managed appropriately.

Manchester also said cyber security and data protection were treated as separate risk areas, and that combining the two would give a misleading impression of its cyber security position. It said there had been no material cyber security incidents affecting core systems or resulting in the loss of personal data, and that a higher number of reported data protection incidents reflected stronger organisational maturity and a more open reporting culture, rather than weaker cyber security controls.

Bristol, which recorded the most ICO referrals, said it encouraged staff to report all suspected incidents, however minor, so they could be investigated and used to improve controls.

Wakefield Council, one of the authorities with the highest internal incident totals, said the figures included minor, non-reportable events and that no cyber attacks had resulted in a personal data breach during the period covered.

Wiltshire Council said its high totals reflected a broad reporting culture that included near misses and incidents identified through data loss prevention tools introduced through Microsoft 365. It added that none of the breaches it had reported to the ICO over the past five years had resulted in enforcement action.

Broader pressure

The findings come as local government faces sustained scrutiny over cyber resilience and data protection practices. Councils hold large volumes of residents’ personal information, including housing, social care, education and benefits data, while many operate under financial pressure.

Several major incidents have affected councils in recent years. Leicester City Council suffered a ransomware attack that disrupted IT systems and phone lines for weeks, while an attack on housing software supplier Locata affected housing websites used by Manchester, Salford and Bolton councils. Following a 2020 ransomware attack, Hackney Council spent more than GBP £12 million in a single financial year on recovery.

The research also noted the lack of a consistent national approach to how local authorities detect, classify and record data incidents. That makes direct comparisons difficult, particularly when one authority logs near misses and another records only confirmed breaches.

The London Borough of Bexley said the increase in reported data breaches should be seen in the context of a more open and mature reporting culture. It said staff had been encouraged to report all actual and potential data breaches, however minor, so they could be investigated, lessons learned and controls improved.

Bexley added that while the overall number of internally reported breaches had increased, the number requiring notification to the ICO had remained broadly consistent. In its view, that suggests the rise was driven mainly by better internal reporting of lower-level incidents rather than an increase in serious breaches, and reflected greater awareness of the importance of data protection across the organisation.

Roke has launched its CORTEXA GUARDIAN counter-drone system, which is already being fielded by military customers in the UK and Northern Europe.

The system targets a persistent problem in counter-uncrewed aircraft operations: many existing tools require specialist operators and extensive training. CORTEXA GUARDIAN was designed so generalist soldiers can use it after training measured in days rather than months, with some users moving from receiving the kit to unsupervised operation in less than 48 hours.

The platform can detect, track and identify multiple low-cost aerial threats at the same time. Its modular design allows users to configure it for different missions and operating conditions.

Instead of relying on dedicated hardware, the interface runs in a web browser on standard devices including laptops, tablets and mobile phones. The physical set-up also avoids specialist equipment, with the system mounted on commercial camera tripods rather than military-specific masts.

That design reflects how the product was developed. Roke worked with armed forces and mission partners across the UK and Northern Europe, then refined the system in response to operational feedback rather than controlled testing alone.

Training focus

The approach is intended to reduce the burden on front-line personnel. Advanced sensing, tracking, prioritisation and classification functions run automatically in the background, leaving operators with only the information needed to make decisions.

This is significant as armed forces and public safety organisations face a growing number of incidents involving small, relatively cheap drones. Such aircraft are an increasing concern because they are easy to acquire, can be deployed quickly, and can complicate the protection of bases, troops and other sensitive sites.

The system is intended for use in layered air defence, giving commanders and operators earlier warning of threats in contested airspace. It is also aimed at dispersed units and forward operating bases where personnel may not have access to specialist counter-drone teams.

Operational use

CORTEXA GUARDIAN was first shown publicly at DSEI 2025 before moving into operational deployment. Early customers had already received and deployed units independently, which Roke described as evidence of the system’s ease of use.

The product is being marketed to government, defence and public safety organisations across NATO and Northern Europe. Border security and critical infrastructure protection are also identified as potential areas of demand.

Counter-drone technology has become a fast-moving segment of the defence market as armed forces seek systems that can keep pace with changing threats without adding major training and support burdens. Suppliers are increasingly focusing on systems that combine sensors and software in a single package and can be upgraded as new drone types and detection tools emerge.

Roke said its architecture was designed to evolve over time, allowing new sensors to be added without changing the operator experience. The company presents this as a way to keep systems usable for non-specialist personnel even as the threat picture changes.

Marc Overton, Managing Director, Roke, said: “Small unmanned systems are among the most disruptive threats facing defence and security forces today. Countering them effectively requires capability that can be integrated rapidly, adapted as threats evolve, and used by the people who need it most, not just specialists.

“CORTEXA GUARDIAN was developed to meet that requirement. It reflects close collaboration with military partners and a clear focus on operational reality. This launch marks an important step in making that capability available more widely.”