Advanced Computer Software Group Ltd – €3,500,000 Fine (United Kingdom, 2025)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The UK DPA (ICO) has fined Advanced Computer Software Group Ltd £3.07 million (EUR 3.5 million) for insufficient IT security (infringiment of Art. 32 (1) UK GDPR). The controller failed to implement appropriate technical and organisational measures to protect personal data. A ransomware attack in August 2022 allowed hackers to access systems of a health subsidiary via a customer account that lacked multi-factor authentication. As a result, the personal data of 79,404 individuals was put at risk.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The UK DPA (ICO) has fined Advanced Computer Software Group Ltd £3.07 million (EUR 3.5 million) for insufficient IT security (infringiment of Art. 32 (1) UK GDPR). The controller failed to implement appropriate technical and organisational measures to protect personal data. A ransomware attack in August 2022 allowed hackers to access systems of a health subsidiary via a customer account that lacked multi-factor authentication. As a result, the personal data of 79,404 individuals was put at risk.
Related Enforcement Actions (0)
No other enforcement actions found for Advanced Computer Software Group Ltd in UK
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
26 March 2025
Authority
Information Commissioner's Office
Fine Amount
€3,500,000
Enforcement Tracker ID
ETid-2561
About this data
Cite as: Cookie Fines. Advanced Computer Software Group Ltd - United Kingdom (2025). Retrieved from cookiefines.eu
Last updated: