Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

Data Breach at NHS Lanarkshire

August 2, 2023
Reading Time: 2 mins read
in Incidents
Data Breach at NHS Lanarkshire

An NHS trust in the UK faces repercussions from the data protection regulator for a concerning breach of patient data privacy. Over a span of two years, 26 staff members at NHS Lanarkshire utilized an unauthorized WhatsApp group to share sensitive patient information, including names, phone numbers, addresses, images, videos, screenshots, and clinical data, as revealed by the Information Commissioner’s Office (ICO).

Furthermore, the WhatsApp group, initially set up to aid staff communication during the early days of the pandemic, was not approved for processing patient data, which falls under GDPR’s “special category” of personal data, enjoying special protection under Article 9 of the law.

At the same time, the staff’s undisclosed use of the group led to the inadvertent addition of a non-staff member, resulting in the inappropriate disclosure of personal information, highlighting the risks associated with shadow IT.

Additionally, the NHS trust notified the ICO upon discovering the incident, but by then, patient data had already been entered into the app more than 500 times. Subsequent investigations concluded that the trust lacked appropriate policies, guidance, and processes when WhatsApp was introduced, with no risk assessment conducted at that time.

John Edwards, the Information Commissioner, stressed the need for careful and secure treatment of patient data to build trust among people. Despite the immense pressure faced by healthcare providers during the pandemic, he asserted that data protection standards cannot be compromised.

Edwards urged all healthcare organizations to learn from this incident, reevaluate their policies regarding messaging apps and patient data processing, and ensure that patient data remains safeguarded.

References:
  • ICO reprimands NHS Lanarkshire for sharing patient data via WhatsApp
Tags: August 2023Cyber incidentCyber Incidents 2023CyberattackCybersecurityHealthcareLanarkshireNHSUKVulnerabilitiesWhatsapp
ADVERTISEMENT

Related Posts

Co-op Data Stolen of 6.5M Members

Stormous Hits North Country Health

July 18, 2025
Co-op Data Stolen of 6.5M Members

Co-op Data Stolen of 6.5M Members

July 18, 2025
Co-op Data Stolen of 6.5M Members

BigONE Crypto Exchange $27M Hit

July 18, 2025
Customer Data Breach at Seychelles Bank

Cyberattack Strikes Air Serbia

July 17, 2025
Customer Data Breach at Seychelles Bank

Ukrainian Hack Hits Russian Drone Firm

July 17, 2025
Customer Data Breach at Seychelles Bank

Customer Data Breach at Seychelles Bank

July 17, 2025

Latest Alerts

Matanbuchus Malware Spread via Teams Voice

Hackers Host Amadey Malware via GitHub Repos

Malicious npm Packages Deliver Protestware

Malicious Telegram APK Campaign Uncovered

Stealthy JavaScript Attacks via SVG Files

SonicWall Zero-Day RCE Exploited

Subscribe to our newsletter

    Latest Incidents

    Stormous Hits North Country Health

    BigONE Crypto Exchange $27M Hit

    Co-op Data Stolen of 6.5M Members

    Cyberattack Strikes Air Serbia

    Customer Data Breach at Seychelles Bank

    Ukrainian Hack Hits Russian Drone Firm

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial