NHS vendor Advanced will pay just over £3 million ($3.8 million) in fines for not implementing basic security measures before it suffered a ransomware attack in 2022, the U.K.’s data protection regulator has confirmed.
It’s half the fine that the Information Commissioner’s Office had initially sought in August 2024, when the data watchdog said it was going to fine Advanced more than £6 million for its security failings.
The ICO said Wednesday that Advanced “broke data protection law” by not fully rolling out multi-factor authentication prior to its breach, which allowed hackers to break in with stolen credentials and steal the personal information of tens of thousands of people across the United Kingdom.
The LockBit ransomware attack on Advanced caused widespread outages across the NHS, including patient data systems that Advanced maintains on behalf of the NHS.
In a statement, Advanced confirmed that it had settled the matter. Advanced declined to name a spokesperson when asked by TechCrunch.
Chinese marketplace DHgate becomes a top US app as trade war intensifies
The Trump trade war has gone viral on TikTok, pushing a Chinese e-commerce app, DHgate, to the top of the...
Hertz says customers’ personal data and driver’s licenses stolen in data breach
Car rental giant Hertz has begun notifying its customers of a data breach that included their personal information and driver’s...
OpenAI plans to phase out GPT-4.5, its largest-ever AI model, from its API
OpenAI said on Monday that it would soon wind down the availability of GPT-4.5, its largest-ever AI model, via its...
Google’s newest AI model is designed to help study dolphin ‘speech’
Google’s AI research lab, Google DeepMind, says that it has created an AI model that can help decipher dolphin vocalizations,...
