NHS vendor Superior pays simply over £3 million ($3.8 million) in fines for not implementing primary security measures earlier than it suffered a ransomware assault in 2022, the U.Ok.’s knowledge safety regulator has confirmed.
It’s half the high quality that the Data Commissioner’s Workplace had initially sought in August 2024, when the information watchdog mentioned it was going to high quality Superior greater than £6 million for its security failings.
The ICO mentioned Wednesday that Superior “broke knowledge safety legislation” by not totally rolling out multi-factor authentication previous to its breach, which allowed hackers to interrupt in with stolen credentials and steal the private info of tens of 1000’s of individuals throughout the UK.
The LockBit ransomware assault on Superior precipitated widespread outages throughout the NHS, together with affected person knowledge techniques that Superior maintains on behalf of the NHS.
In a press release, Superior confirmed that it had settled the matter. Superior declined to call a spokesperson when requested by information.killnetswitch.
