Back
Viewing 0 reply threads
  • Author
    Posts
    • 2025-09-16 at 12:46 pm #50546
      Salin Sirinam
      Participant

      Description of the case study:
      In 2022, the NHS’s IT provider, Advanced Computer Software Group, was attacked by ransomware. Advanced provided software for many parts of the UK health service, including patient referral, ambulance dispatch, booking appointments, and other health services.

      Reference:
      https://www.bbc.com/news/technology-62506039
      https://www.theguardian.com/technology/2022/aug/11/nhs-ransomware-attack-what-happened-and-how-bad-is-it

      Impact of the breach:
      The attack caused a data breach that exposed sensitive personal information of patients across the UK, including medical records and phone numbers, putting around 80,000 people at risk. This attack also disrupted the medical workers’ access to patient histories, making them unable to provide clinical decisions and management in various segments such as the emergency unit and mental health trusts. The details of how to gain entry to the homes of 890 people receiving home care were also leaked. Therefore, this consequence raises both privacy and physical safety risks.

      How the data breach occurred:
      The attacker was revealed to have gained the access through a customer account that was linked to personal information.

      The main cause of the data breach:
      According to the ICO investigation, multiple causes were revealed
      – Incomplete multi-factor authentication. This measure was not consistently enforced in the system. Therefore, the hackers were able to access the personal account more easily.
      – The provider had no solid process to identify and fix the weak points in the system regularly. Moreover, they ignored the national alerts to fix the weakness in the system as well.

      How to prevent this data breach attack:
      – MFA should be enforced to cover the user accounts
      – The systematic, structured policy need to be introduced, covering the clear plan of active threat detection
      – The software provider should proactively identify the vulnerable points across the system, including working closely with the other stakeholders, such as the NHS and the national security agencies.

  • Author
    Posts
Viewing 0 reply threads

You must be logged in to reply to this topic. Login here