1. Forum
  2. tqwNet
  3. TQW GENTECH

  • NHS IT supplier hit with major fine following ransomware attack

    From TechnologyDaily@1337:1/100 to All on Thursday, March 27, 2025 10:45:08
    NHS IT supplier hit with major fine following ransomware attack

    Date:
    Thu, 27 Mar 2025 10:38:19 +0000

    Description:
    Advanced has been fined for putting thousands of users information at risk.

    FULL STORY ======================================================================Advanced
    software firm has been fined by the ICO for a data breach This is the first penalty for a data processor The information of over 79,000 people was put at risk

    The UK Information Commissioners Office (ICO) has issued a fine of 3.07 million to software firm Advanced Computer Group Ltd following a 2022 ransomware attack in which NHS data was stolen and systems were encrypted, putting the personal information of 79,404 people at risk.

    This is the first fine from the ICO given to a data processor, and serves as
    a stark reminder that organisations risk becoming the next target without robust security measures in place, the Commissioner says.

    The attack caused disruptions to critical services at the time, including NHS 111, and meant some healthcare staff were unable to access patient records. The stolen information included patient phone numbers, medical records, and most concerning, access details for the homes of 890 people receiving care at home. Insufficient protections

    The ICOs investigation found that Advanced Computer Group Ltd didnt deploy sufficient technical and organisational measures to keep health and car systems fully secure prior to the incident, and pointed to gaps in Multi Factor Authentication Deployment, inadequate patch management, and a lack of comprehensive vulnerability scanning.

    The security measures of Advanceds subsidiary fell seriously short of what we would expect from an organisation processing such a large volume of sensitive information, confirms John Edwards, Information Commissioner.

    While Advanced had installed multi-factor authentication across many of its systems, the lack of complete coverage meant hackers could gain access, putting thousands of peoples sensitive personal information at risk.

    The firm was hit by a provisional fine of 6m in August 2024, but this was reduced after considerations were submitted to the ICO, including Advanceds proactive engagement with the NCSC, the NCA, and the NHS in the wake of the attack and other steps taken to mitigate the risk to those impacted. You
    might also like Take a look at our picks for the best malware removal
    software around Check out our choice for best antivirus software One of the most powerful ransomware hacks around has been cracked using some serious GPU power



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/nhs-it-supplier-hit-with-major-fine-fol lowing-ransomware-attack


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)