The UK Information Commissioner’s Office has fined IT and software services company Advanced Computer Software Group Ltd nearly £3.1 million (US $4 million) over a ransomware attack that “put the personal information of 79,404 people at risk.” The attack on Advanced occurred in August 2022 through an account at an Advanced subsidiary that was not protected with multi-factor authentication. Advanced provides services to UK healthcare providers; the attack “caused enormous disruption across the United Kingdom, including taking down the NHS 111 critical service used to triage non-emergency but urgent medical calls.” More https://ico.org.uk/about-the-ico/media-centre/news-and-blogs/2025/03/software-provider-fined-3m-following-2022-ransomware-attack/
