NHS Software Provider Faces Mighty £6M Fine Over Ransomware Fiasco

The UK’s data protection watchdog plans to fine Advanced Computer Software Group £6.09 million for a 2022 ransomware attack. The NHS had to revert to pen-and-paper operations, and sensitive data of 82,946 people was stolen. Information Commissioner John Edwards emphasizes the importance of multi-factor authentication.

3P
Published: August 7, 2024 9:01 amAdded: August 7, 2024 at 2:35 amAssembled by: The Editor
Pro Dashboard

Hot Take:

When your IT security is so bad that even a pencil is more reliable, you know you have a problem. Way to go, Advanced Computer Software Group! You managed to make pen-and-paper operations seem like cutting-edge technology in 2022!

Key Points:

  • The UK’s ICO plans to fine Advanced Computer Software Group £6.09 million for a 2022 ransomware attack.
  • Incident forced NHS’s non-emergency 111 line back to pen-and-paper operations for weeks.
  • Attackers used legitimate credentials and exploited lack of multi-factor authentication (MFA).
  • 82,946 people’s data, including sensitive medical records and home access details, were stolen.
  • ICO’s provisional findings highlight severe security failings and the need for organizations to prioritize information security.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?