Data stolen included checklist for medics on how to get into vulnerable people's homes

The UK's data protection watchdog is dishing out a £3.07 million ($3.95 million) fine to Advanced Computer Software Group, whose subsidiary's security failings led to a ransomware attack affecting NHS care.

Among the data pilfered by ransomware crooks were the instructions on how to enter their homes, typically meant to be seen only by traveling healthcare professionals...

This is nearly half the fine the Information Commissioner's Office provisionally floated in August last year – £6.09 million ($7.8 million) – although it said at the time the final sum would depend on what the company did and said.

The ICO said Advanced settled for the reduced fine after acknowledging the watchdog's decision; agreeing to pay up without appealing; playing nicely with the NCSC, NCA, and NHS following the attack; as well as taking "other steps" taken to mitigate related risk.

The Russian-speaking LockBit ransomware gang ...