£3M Fine for IT Company After NHS Breach
In the UK, the Information Commissioner's Office (ICO) fined Advanced Computer Software Group £3 million for security failures that led to a ransomware attack on the NHS, exposing the personal information of 79,404 individuals.
In August 2022, hackers accessed patients' phone numbers, medical records, and entry details for 890 home care recipients due to insufficient multi-factor authentication on a customer's account. The breach disrupted critical services like NHS 111 and patient check-ins. The ICO criticized Advanced for inadequate security measures and noted that the fine serves as a reminder to firms to ensure they have "robust security measures in place".
Initially, the ICO proposed a £6 million fine, but it was halved due to Advanced Computer Software Group's proactive engagement with the authorities post-attack. Read more about this story on our LinkedIn page
In August 2022, hackers accessed patients' phone numbers, medical records, and entry details for 890 home care recipients due to insufficient multi-factor authentication on a customer's account. The breach disrupted critical services like NHS 111 and patient check-ins. The ICO criticized Advanced for inadequate security measures and noted that the fine serves as a reminder to firms to ensure they have "robust security measures in place".
Initially, the ICO proposed a £6 million fine, but it was halved due to Advanced Computer Software Group's proactive engagement with the authorities post-attack. Read more about this story on our LinkedIn page