Medical Firm Fined £100k After Hackers Steal Patient Data for Phishing Scams

MSG in Guernsey fined £100k after hackers stole patient data; failed security updates led to phishing attacks.

By Content Team

Oct 26, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Medical Specialist Group (MSG) in Guernsey faces a £100,000 fine after hackers stole thousands of patient emails containing confidential health data. The breach started in August 2021 but went undetected for over three months. Criminals later used the stolen information in phishing campaigns targeting patients.

The Office of the Data Protection Authority found MSG failed to install critical security updates and missed opportunities to detect the attack. Commissioner Brent Homan said medical information requires the highest protection levels, which MSG failed to provide.

MSG must pay £75,000 within 60 days, with another £25,000 due in 14 months unless they complete an approved action plan.

Source: BBC News

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Hackers Compromise Popular JavaScript Library Axios, Potentially Affecting 600,000 Downloads

Mar 31, 2026

VS Code Configs Expose GitHub Codespaces to Supply Chain Attacks

Feb 5, 2026

Signal Warns Users After Russian Hackers Target Officials Through Phishing Scams

Mar 11, 2026

US Investigates Claims Meta Can Read Encrypted WhatsApp Messages

Feb 1, 2026