{"id":29145,"date":"2025-03-27T05:41:42","date_gmt":"2025-03-27T09:41:42","guid":{"rendered":"https:\/\/worldjusticenews.com\/news\/?p=29145"},"modified":"2025-03-27T05:41:42","modified_gmt":"2025-03-27T09:41:42","slug":"nhs-software-provider-fined-3m-over-data-breach-after-ransomware-attack","status":"publish","type":"post","link":"https:\/\/worldjusticenews.com\/news\/2025\/03\/27\/nhs-software-provider-fined-3m-over-data-breach-after-ransomware-attack\/","title":{"rendered":"NHS software provider fined \u00a33m over data breach after ransomware attack"},"content":{"rendered":"
\n
\n

An NHS software provider has been fined \u00a33m by the Information Commissioner’s Office (ICO) over security failings that led to a ransomware attack on the NHS.<\/b><\/p>\n

The Advanced Computer Software Group was fined for a breach that put personal information of 79,404 people at risk, the UK’s data protection watchdog said.<\/p>\n

The firm provides IT and software services to organisations around the country, including the NHS and other health providers, handling information in its role as a data processor.<\/p>\n

The breach\u00a0took place in August 2022<\/a>, when hackers gained access to patients’ phone numbers and medical records as well as details of how to gain entry to the homes of 890 people receiving care at home.<\/p>\n<\/div>\n<\/div>\n

\n
\n

The unidentified hackers were able to gain access to the information by using a customer’s account that did not have sufficient protection in the form of multi-factor authentication.<\/p>\n

The regulator’s investigation concluded that Advanced did not have appropriate security measures in place prior to the incident.<\/p>\n

The cyberattack led to the disruption of critical services including NHS 111, and left some healthcare staff unable to access patient records.<\/p>\n

Software used to facilitate patient check-ins was also impacted.<\/p>\n

Last year, the regulator criticised Advanced over the incident, which placed “further strain” on a “sector already under pressure”.<\/p>\n

While the company had installed multi-factor authentication across many of its systems, “the lack of complete coverage” was criticised by Information Commissioner John Edwards.<\/p>\n

“The security measures of Advanced’s subsidiary fell seriously short of what we would expect from an organisation processing such a large volume of sensitive information,” Mr Edwards said.<\/p>\n

He added the fine should serve as a “stark reminder” to organisations to ensure they have “robust security measures in place”.<\/p>\n

“There is no excuse for leaving any part of your system vulnerable,” Mr Edwards added.<\/p>\n

Last year, the ICO announced it intended to impose a\u00a0provisional \u00a36m fine<\/a>\u00a0on Advanced for the breach.<\/p>\n

However, the watchdog said the sum had been halved because of the proactive engagement of Advanced with police, cyber security services and the NHS following the attack.<\/p>\n

Source: bbc.co.uk<\/a><\/p>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

An NHS software provider has been fined \u00a33m by the Information Commissioner’s Office (ICO) over security failings that led to a ransomware attack on the NHS. The Advanced Computer Software Group was fined for a […]<\/a><\/div>\n","protected":false},"author":1,"featured_media":29146,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"pmpro_default_level":"","footnotes":""},"categories":[109,2,4],"tags":[11140,5056,7120,2134,1009,4324,6270],"class_list":{"0":"post-29145","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-headline","8":"category-news","9":"category-uk","10":"tag-advanced-computer-software-group","11":"tag-cyber-attack","12":"tag-cyber-security","13":"tag-data-breach","14":"tag-hackers","15":"tag-nhs","16":"tag-ransomware","17":"pmpro-has-access"},"_links":{"self":[{"href":"https:\/\/worldjusticenews.com\/news\/wp-json\/wp\/v2\/posts\/29145","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/worldjusticenews.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/worldjusticenews.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/worldjusticenews.com\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/worldjusticenews.com\/news\/wp-json\/wp\/v2\/comments?post=29145"}],"version-history":[{"count":1,"href":"https:\/\/worldjusticenews.com\/news\/wp-json\/wp\/v2\/posts\/29145\/revisions"}],"predecessor-version":[{"id":29147,"href":"https:\/\/worldjusticenews.com\/news\/wp-json\/wp\/v2\/posts\/29145\/revisions\/29147"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/worldjusticenews.com\/news\/wp-json\/wp\/v2\/media\/29146"}],"wp:attachment":[{"href":"https:\/\/worldjusticenews.com\/news\/wp-json\/wp\/v2\/media?parent=29145"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/worldjusticenews.com\/news\/wp-json\/wp\/v2\/categories?post=29145"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/worldjusticenews.com\/news\/wp-json\/wp\/v2\/tags?post=29145"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}