Britain's data protection watchdog says it plans to fine a provider of managed software to the NHS £6.09 million ($7.7 million) for flaws that led to a 2022 ransomware attack.
[AUGUST 2024] Deploy a Hugo Site with Cloud Build and Firebase Pipeline | #GSP747 #qwiklabs
Reading the press release, we've never seen the word "provisional" appear so many times in such a short piece of copy, but the Information Commissioner's Office (ICO) really tried to hammer home the fact that nothing is set in stone and the final punishment will be decided after the seller has had his say on the matter.
That vendor is Advanced Computer Software Group; you may remember it from El Reg stories published nearly two years ago today. Advanced took its systems offline on August 4, 2022, in an incident eventually attributed to LockBit, back in its heyday that has thankfully now ended.
NHS non-emergency phone operators on the 111 line were forced to revert to pen and paper as disruptions continued for weeks. Some systems were still down in October of that year.
