NHS contractor fined after ransomware attack
After a damaging 2022 ransomware breach disrupted NHS services, the tech vendor responsible has agreed to pay a multimillion-pound fine, with regulators citing serious failures in basic cyber protection.
The tech firm Advanced, which provides services to the NHS, has been fined over £3 million by the UK data watchdog following a major ransomware attack in 2022.
The breach disrupted NHS systems and exposed personal data from tens of thousands across the country.
Originally facing a £6 million penalty, Advanced saw the fine halved after settling with the Information Commissioner’s Office.
Regulators said the firm failed to implement multi-factor authentication, allowing hackers to access systems using stolen login details.
The LockBit attack caused widespread outages, including access to UK patient data. While Advanced acknowledged the resolution, it declined to offer further comment or name a spokesperson when contacted.
For more information on these topics, visit diplomacy.edu.
About author
DW Team
The GIP Digital Watch Observatory team, consisting of over 30 digital policy experts from around the world, excels in the fields of research and analysis on digital policy issues. The team is backed by the creative prowess of Creative Lab Diplo and the technical expertise of the Diplo tech team.