NHS Lanarkshire

NHS Lanarkshire

The UK's data protection watchdog has censured an NHS trust after learning that personnel had been sharing patient information on an unauthorised app for two years.

The compromised data includes names, phone numbers, addresses, images, videos, screenshots and clinical information, according to the Information Commissioner’s Office.

NHS Lanarkshire to ensure that patient data is not compromised again.

Source: https://www.infosecurity-magazine.com/news/nhs-staff-reprimanded-whatsapp/

TPRM report: https://scoringcyber.rankiteo.com/company/nhs-lanarkshire

"id": "nhs7502823",
"linkid": "nhs-lanarkshire",
"type": "Breach",
"date": "08/2023",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Healthcare',
                        'location': 'United Kingdom',
                        'name': 'NHS Lanarkshire',
                        'type': 'Healthcare'}],
 'attack_vector': 'Unauthorised App Usage',
 'data_breach': {'file_types_exposed': ['images', 'videos', 'screenshots'],
                 'personally_identifiable_information': ['names',
                                                         'phone numbers',
                                                         'addresses',
                                                         'clinical '
                                                         'information'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['names',
                                              'phone numbers',
                                              'addresses',
                                              'images',
                                              'videos',
                                              'screenshots',
                                              'clinical information']},
 'description': "The UK's data protection watchdog has censured an NHS trust "
                'after learning that personnel had been sharing patient '
                'information on an unauthorised app for two years. The '
                'compromised data includes names, phone numbers, addresses, '
                'images, videos, screenshots, and clinical information, '
                'according to the Information Commissioner’s Office.',
 'impact': {'data_compromised': ['names',
                                 'phone numbers',
                                 'addresses',
                                 'images',
                                 'videos',
                                 'screenshots',
                                 'clinical information']},
 'references': [{'source': 'Information Commissioner’s Office'}],
 'title': 'Data Breach at NHS Lanarkshire',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Improper Data Handling Practices'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.