LockBit Strikes Again: Advanced Computer Software Group Slammed with £3.07M Fine for NHS Data Breach!
The UK ICO slapped a £3.07 million fine on Advanced Computer Software Group Ltd for a 2022 ransomware attack. The breach exposed sensitive data of NHS patients, highlighting Advanced’s security shortcomings like poor vulnerability scanning and inadequate patch management. This marks the first UK fine on a data processor rather than a data controller.
Hot Take:
Well, it looks like Advanced Computer Software Group Ltd needs to update their software from ‘Advanced’ to ‘Actually Secure.’ The Information Commissioner’s Office (ICO) just handed them a £3.07 million slap on the wrist for exposing 79,404 people’s data to some digital hoodlums. Advanced might want to start scanning for vulnerabilities with something other than their security team’s bifocals. I mean, who needs universal multi-factor authentication when you have a security system as tough as wet tissue paper, right?
Key Points:
– Advanced Computer Software Group Ltd fined £3.07 million by the ICO.
– The 2022 ransomware attack affected 79,404 individuals, including NHS patients.
– LockBit ransomware group exploited compromised credentials.
– ICO criticized Advanced for poor vulnerability scanning and inadequate patch management.
– The fine marks the first ICO penalty imposed on a data processor, not a data controller.