The Medical Specialist Group in Guernsey has been fined £100,000 by the Office of the Data Protection Authority following a major data breach
The Medical Specialist Group in Guernsey has been fined £100,000 by the Office of the Data Protection Authority following a major data breach that exposed thousands of patient emails containing confidential medical information, reports the BBC.
The breach, which began in August 2021 and went undetected for over three months, led to stolen data being used in phishing attacks against patients.
The ODPA found MSG had failed to apply key security updates and missed several warning signs that could have prevented the intrusion, ruling the firm had breached the Data Protection Law by not adequately safeguarding personal data. Commissioner Brent Homan said medical data "demands the highest level of protection," emphasizing that MSG's defenses "fell well short of legal requirements."
MSG's CEO, Dr. Farid Fouladinejad, pledged to restore public confidence and said the company had implemented major cybersecurity upgrades and training to ensure patients' data would receive exceptional protection going forward.
Sharon Florentine is the editorial director for CyberRisk Alliance’s Channel Brands and acting editorial director for SC UK. She is responsible for setting strategy and editorial direction and developing content for news, features, analysis and other written content, moderates live webcasts, and oversees research projects. Sharon has previously held key editorial, content and leadership positions at DevOps.com, Security Boulevard, CIO.com, Ziff Davis Enterprise, and CRN, among others.
Sharon Florentine is the editorial director for CyberRisk Alliance’s Channel Brands and acting editorial director for SC UK. She is responsible for setting strategy and editorial direction and developing content for news, features, analysis and other written content, moderates live webcasts, and oversees research projects. Sharon has previously held key editorial, content and leadership positions at DevOps.com, Security Boulevard, CIO.com, Ziff Davis Enterprise, and CRN, among others.
An error occurred trying to play the stream. Please reload the page and try again.
CloseRegistering with SC Media is 100% free. Join tens of thousands of cybersecurity leaders today and gain access to the latest analysis shaping the global infosec agenda.
