Anasayfa » News » NHS software provider fined £3m over data breach

NHS software provider fined £3m over data breach

NHS software provider fined £3m over data breach
You May Be Interested In:The insidious doublespeak of Trump’s freedom of ‘choice’


An NHS software provider has been fined £3m by the Information Commissioner’s Office (ICO) over security failings that led to a ransomware attack on the NHS.

The Advanced Computer Software Group was fined for a breach that put personal information of 79,404 people at risk, the UK’s data protection watchdog said.

The firm provides IT and software services to organisations around the country, including the NHS and other health providers, handling information in its role as a data processor.

The breach took place in August 2022, when hackers gained access to patients’ phone numbers and medical records as well as details of how to gain entry to the homes of 890 people receiving care at home.

The unidentified hackers were able to gain access to the information by using a customer’s account that did not have sufficient protection in the form of multi-factor authentication.

The regulator’s investigation concluded that Advanced did not have appropriate security measures in place prior to the incident.

The cyberattack led to the disruption of critical services including NHS 111, and left some healthcare staff unable to access patient records.

Software used to facilitate patient check-ins was also impacted.

Last year, the regulator criticised Advanced over the incident, which placed “further strain” on a “sector already under pressure”.

While the company had installed multi-factor authentication across many of its systems, “the lack of complete coverage” was criticised by Information Commissioner John Edwards.

“The security measures of Advanced’s subsidiary fell seriously short of what we would expect from an organisation processing such a large volume of sensitive information,” Mr Edwards said.

He added the fine should serve as a “stark reminder” to organisations to ensure they have “robust security measures in place”.

“There is no excuse for leaving any part of your system vulnerable,” Mr Edwards added.

Last year, the ICO announced it intended to impose a provisional £6m fine on Advanced for the breach.

However, the watchdog said the sum had been halved because of the proactive engagement of Advanced with police, cyber security services and the NHS following the attack.

share Paylaş facebook pinterest whatsapp x print

Similar Content

Henry Cavill
Henry Cavill’s Warhammer 40,000 series moves forward at Amazon December 10, 2024
Ethereum Whale Resurfaces After Trump's Victory, Making $30M Profit
Ethereum Whale Resurfaces After Trump’s Victory, Making $30M Profit November 8, 2024
Windows 11 24H2 update breaks Ubisoft games, fix still pending
Windows 11 24H2 update breaks Ubisoft games, fix still pending November 25, 2024
A two-hour interview is enough to create an accurate AI replica of your personality, says Stanford study
A two-hour interview is enough to create an accurate AI replica of your personality, says Stanford study January 5, 2025
Microsoft changed how files are handled on mobile Office apps
Microsoft is using Word and Excel user data for AI training by default, and opting out isn’t easy (Updated) November 26, 2024
Microsoft Warns Election Disruption from China, Russia & Iran Will Only Increase
Microsoft Warns Election Disruption from China, Russia & Iran Will Only Increase October 27, 2024
Flash News Hub | © 2025 | News