A software provider to the NHS has been fined £3.07 million after serious security lapses allowed hackers to steal sensitive personal data in a 2022 ransomware attack.

A Breach With Real-World Impact

The penalty, issued by the Information Commissioner’s Office (ICO), follows a detailed investigation into Advanced Computer Software Group Ltd. In August 2022, the company’s health and care subsidiary was targeted by cybercriminals linked to the LockBit ransomware group. The attackers exploited a customer account that lacked multi-factor authentication (MFA), gaining access to systems used across NHS services.

In total, the personal data of 79,404 individuals was compromised. This included extremely sensitive information such as care plans and (in 890 cases) detailed instructions for entering the homes of vulnerable patients receiving in-home care.

Examples of the seriousness of the effects of the attack include:

– The NHS 111 helpline was forced to revert to manual operations.

– Health professionals across the country were locked out of patient records for extended periods.

– Routine services were thrown into disarray, with some systems offline for weeks.

ICO Says “Fell Seriously Short”

The ICO concluded that Advanced Computer Software Group Ltd had failed to implement basic cybersecurity hygiene expected of an organisation handling high-risk data. While some systems were protected by MFA, coverage was patchy, leaving major entry points exposed. Investigators also found gaps in vulnerability scanning and weaknesses in the company’s patch management processes.

Information Commissioner John Edwards said Advanced’s security “fell seriously short of what we would expect from an organisation processing such a large volume of sensitive information.” He added: “People should never have to think twice about whether their medical records are in safe hands.”

Fine Halved From £6m to £3m

The ICO originally proposed a fine of £6.09 million but ultimately reduced the figure by half. The discount followed a voluntary settlement in which Advanced accepted the findings, agreed not to appeal, and worked closely with the National Cyber Security Centre (NCSC), the National Crime Agency (NCA), and NHS partners in the wake of the breach.

The regulator also acknowledged the company’s efforts to limit the damage and mitigate risks to affected individuals, which contributed to the final penalty being set at £3,076,320.

A Data Processor Under Pressure

As a data processor acting on behalf of healthcare providers, Advanced Computer Software Group Ltd was responsible for protecting information it handled but did not own. That legal duty, the ICO stressed, does not allow for shortcuts. The ICO highlighted how it was not enough to have security measures “in progress” but that they needed to be fully implemented, especially given the volume and sensitivity of the data involved.

This attack, enabled by a single unsecured login, revealed how thinly spread protections can lead to catastrophic consequences when threat actors find a gap.

More Than Just a Cyber Incident

It seems that the fallout in this case extended far beyond IT systems. For example, the data accessed by attackers contained private information used daily by carers, clinicians, and emergency staff. In some cases, the stolen data may have revealed access instructions to individuals’ homes, which is an unprecedented breach of trust and safety for those affected.

For many observers, this incident demonstrated how a breakdown in basic cyber hygiene can translate directly into disruption on the front lines of public health services.

One of the Largest Fines in Years

Advanced’s fine is the highest handed down by the ICO since TikTok was penalised in April 2023 and ranks among the regulator’s top six ever. It places the company alongside British Airways, Marriott, and Interserve in a growing list of high-profile data security failures.

What sets this case apart is the nature of the data compromised, i.e. health and care information linked to some of the most vulnerable people in society. It also highlights how private contractors embedded in public services now face the same scrutiny and accountability as frontline NHS bodies.

What Does This Mean For Your Business?

The clear message from the ICO, illustrated by this case, is that partial protections are not enough. If you’re handling sensitive data, especially as a supplier to critical sectors, every point of access must be secured, monitored, and updated. Incomplete MFA rollout, unpatched vulnerabilities, and weak incident response planning all count as regulatory failures.

This case also highlights how regulators are now expecting more from third-party vendors, and public sector clients are unlikely to forgive repeat offenders. For procurement teams, cyber due diligence is no longer optional. It must include not only accreditations and policies, but proof that systems are fully hardened and actively monitored.

That said, Advanced’s experience shows that cooperation can actually reduce fines, but it doesn’t undo the reputational and operational damage. For suppliers across healthcare, education, and government services, the priority now is clear, i.e. secure the basics or risk losing everything.

Troy Hunt (creator of ‘Have I Been Pwned’) has confirmed his blog’s mailing list was compromised after he fell for a phishing attack mimicking Mailchimp.

Hunt says that while he was jet-lagged in London, he received a convincing phishing email prompting him to log into a fake Mailchimp site, mailchimp-sso.com. Hunt says he entered his login details and a one-time password, only realising the mistake moments later. Despite resetting his password swiftly, the attacker had already exported his mailing list from a New York IP address.

Around 16,000 email addresses were exposed, including over 7,500 belonging to users who had unsubscribed, a detail Hunt criticised, questioning why Mailchimp retains unsubscribed data. The stolen data also included IP addresses and rough location metadata.

Hunt admitted the phishing email was well-crafted, creating just enough urgency without sounding alarmist. “We all have moments of weakness and if the phish times just perfectly with that, well, here we are,” he wrote. Ironically, the incident happened the day after he’d been discussing passkey adoption with the UK’s National Cyber Security Centre.

He has since notified affected users and loaded the breach into Have I Been Pwned, reinforcing his long-held message about transparency and rapid disclosure in data breaches.

For businesses, this incident is a reminder that even experts are vulnerable. Clear phishing awareness training, secure password management, and adoption of phishing-resistant technologies like passkeys are now essential steps in protecting sensitive data.

UK startup Phasecraft says its new THRIFT algorithm makes quantum simulations 10 times larger and longer, potentially unlocking major breakthroughs in materials, energy, and climate tech.

Breakthrough

Phasecraft, a Bristol- and London-based quantum computing startup, has announced what it calls the most significant leap yet in quantum simulation efficiency. Its new algorithm, THRIFT, allows simulations to run for ten times longer and at ten times the scale, a breakthrough that could accelerate discoveries in battery storage, sustainable materials, and climate-critical technologies.

Removes Limitations From Quantum Simulations

The advancement, published in Nature Communications, improves how quantum computers simulate complex physical systems. Unlike classical computers, which struggle to handle the vast number of possibilities within quantum mechanics, quantum computers are uniquely suited to model the changing behaviour of particles and molecules, but they’ve been limited by short run times and error-prone results. That’s what THRIFT aims to fix.

What Are Quantum Simulations And Why Do They Matter?

Quantum simulations are a way of using quantum computers to model how physical systems behave and change over time, especially at the atomic and molecular level. This includes things like how molecules interact in a new medicine, or how the internal structure of a battery changes as it charges and discharges. The value of such simulations is that they let scientists observe outcomes before running costly or time-consuming experiments in the real world.

Promising For Sustainability

The potential for more efficient quantum simulations is especially powerful for sustainability challenges. For example:

– Creating more efficient batteries by simulating materials at the quantum level.

– Designing catalysts for cleaner hydrogen production.

– Modelling carbon capture processes or low-impact construction materials.

However, until now, simulations on quantum hardware have been severely limited, often too small or too short to provide truly useful data.

What Makes Phasecraft’s ‘THRIFT’ Approach Different?

THRIFT, which stands for Trotter Heuristic Resource Improved Formulas for Time-dynamics, is Phasecraft’s new method for breaking down and simulating complex quantum systems more efficiently. The core idea lies in how quantum simulations evolve over time. Traditional methods divide these evolutions into small time steps using a “Trotter” formula. The problem is that they treat all interactions equally, which bloats the simulation and leads to unnecessary operations.

“Existing methods are slow, resource-intensive, and struggle to scale,” says Raul Santos, Lead Quantum Scientist at Phasecraft. “They use a high number of quantum gates to maintain accuracy, but this becomes impractical as the simulation grows.”

However, THRIFT counters these issues by prioritising the parts of the system that matter most. For example, some interactions evolve more slowly or contribute less to the overall behaviour of the system, so THRIFT allocates fewer computational resources to them. This streamlined process dramatically reduces the number of quantum operations required, cutting errors and allowing for much longer and more detailed simulations.

Simulations 10x Larger and 10x Longer

In trials, THRIFT improved estimates for a widely used benchmark in quantum physics, the one-dimensional transverse-field Ising model, achieving simulations 10x larger and 10x longer than with standard methods, without increasing circuit size or computational cost.

Built for Today’s Quantum Machines

One of the key strengths of THRIFT is that it works on today’s imperfect quantum computers and is not just designed for the powerful machines of the future. Quantum hardware is still ‘noisy’, meaning it’s prone to errors and has limited capacity. Phasecraft’s innovation, however, appears to be in designing software that maximises what’s possible even on current-generation devices.

“We’ve shown a 10x increase on today’s machines,” says Santos. “And we’d expect this to only get better as hardware advances and quantum computers become better at tolerating errors.”

Focusing On Working With Today’s Hardware

Rather than waiting for quantum hardware to mature, Phasecraft appears to be focusing on making the most of what’s available today. The hope is that this approach will put the company in a strong position as Big Tech continues to pour investment into next-generation quantum processors, including Google’s Willow chip, Microsoft’s Majorana platform, and Amazon’s Ocelot. As Phasecraft’s Raul Santos says: “This algorithm enhances efficiency on near-term devices, like those Google and Microsoft have announced,” and that “Any improvements in their performance can only enhance our approach.”

Real-World Impact

The theory is that the longer and more detailed the simulation, the better scientists can understand how a system behaves and ultimately design better materials and molecules. This means Phasecraft’s THRIFT breakthrough could open the door to real-world applications in areas where incremental efficiency gains could have massive sustainability impacts. For example, as Phasecraft CEO and co-founder Ashley Montanaro says:

“Work by Raul and the team has delivered the highest-performance quantum algorithms known for simulating some prominent and well-studied physical systems. This improvement will push us closer to real-world quantum applications in materials science, chemistry, and beyond.”

Examples of areas where it could make a real difference include:

– Energy Storage. More accurate simulations of battery chemistries could reduce the need for rare and environmentally damaging materials.

– Pharmaceuticals. Simulating molecular interactions more precisely could speed up drug development and reduce lab waste.

– Manufacturing. Discovering lighter or more durable materials through simulation can lower emissions across supply chains.

The point is that it’s not just about speed, but it’s about being able to run simulations that were previously impossible. This could fundamentally reshape how innovation happens in sectors critical to net-zero goals.

Challenges and Next Steps

Despite the reported progress, Phasecraft’s achievement doesn’t mean quantum simulations are ready for widespread commercial use just yet. THRIFT has so far been tested on a simplified benchmark, i.e. the Ising model which, while important, doesn’t fully represent the complexity of real-world systems.

There’s also the broader challenge of access. Running quantum simulations still requires deep technical expertise and partnerships with hardware providers. Although Phasecraft collaborates with companies like Google, IBM, and QuEra, the barrier to entry remains high for most organisations.

Energy use is another factor. While quantum computers promise efficiency gains in the long run, current machines require cryogenic cooling and specialised environments, which come with their own environmental footprint. For now, those costs must be weighed against the potential gains in simulation efficiency.

What Does This Mean For Your Organisation?

In enabling longer, larger, and more efficient simulations on existing hardware, Phasecraft’s THRIFT algorithm essentially brings practical quantum applications closer, particularly in areas such as energy storage, materials design, and low-impact manufacturing.

For UK businesses and organisations, this could pave the way for faster development of green technologies, from energy storage systems and new materials to more efficient chemical processes. Companies working in advanced manufacturing, cleantech, and pharmaceuticals could benefit from earlier and more accurate testing and from reducing the risks and costs involved in developing sustainable solutions. As the UK looks to maintain its edge in science-led innovation, the ability to work with cutting-edge quantum tools, developed on home soil, could also become a valuable strategic asset.

In essence here, rather than simply accepting the limitations of current quantum hardware and waiting for future machines to deliver breakthroughs, Phasecraft’s work shows that smart software (grounded in real scientific insight) can start delivering value now. That approach could influence how other startups, institutions and governments think about the role of quantum technologies in addressing real-world challenges, from climate resilience to resource efficiency.

That said, there’s still a long way to go. Scaling these simulations to solve complex, real-world problems will require further advances in both algorithms and hardware. Access to quantum platforms remains limited, and widespread commercial adoption is still some way off. However, by closing the gap between theoretical potential and practical application, Phasecraft’s THRIFT algorithm brings quantum computing one step closer to playing a meaningful role in shaping a more sustainable future.

ChatGPT has recently made a dramatic difference to the images you can produce and this video provides five examples of how it can be used – impressive stuff!

[Note – To Watch This Video without glitches/interruptions, It may be best to download it first]

Did you know your phone can double up as a magnifying glass? If you don’t have your glasses to hand, this built-in feature lets you zoom in on labels, menus or instructions using your phone’s camera, perfect when you’re out and about.

How To Use It On iPhone:

– Open the Settings app.
– Tap ‘Accessibility’, then select ‘Magnifier’.
– Toggle it on — this adds the Magnifier app to your device.
– You can now open it from the Home Screen, App Library, or Control Centre.
– Or, go to ‘Accessibility Shortcut’, select ‘Magnifier’, and triple-click the side button (or Home button) to activate it.
– Use the on-screen slider to zoom in, turn on the torch for better lighting, or take a freeze-frame if the image is shaky.

How To Use It On Android:

Most Android phones don’t have a built-in magnifier app, but there are plenty of free camera-based magnifier apps available.

– Open the Google Play Store.
– Search for “Magnifying Glass” or “Magnifier + Flashlight”.
– Choose a well-reviewed app.
– Once installed, open the app and point your camera at the text or object.
– Use the zoom slider and built-in light to make things clearer. Some apps also let you freeze the image for a closer look.

Whether you’re reading tiny ingredients on packaging or checking small print on a form, this is one of the quickest ways to turn your phone into a real-world accessibility tool – no internet required.

In this week’s featured article, we look at how a false murder claim by ChatGPT has fuelled fresh concerns over AI accuracy and hallucinations.

A Father Falsely Accused by AI

In quite a shocking story, a Norwegian man has filed a formal complaint after ChatGPT falsely claimed he murdered two of his sons! The case, now lodged with Norway’s data protection authority (Datatilsynet), is raising serious questions about AI hallucinations and how companies like OpenAI are handling personal data.

Who Is Arve Hjalmar Holmen?

Arve Hjalmar Holmen, the man at the centre of the complaint, is what you might call a private citizen. He’s not a public figure, has no criminal record, and lives with his family in Trondheim (Norway) and yet when he typed his own name into ChatGPT last year, the chatbot responded with a chilling story.

Holmen alleges that ChatGPT claimed he had been convicted of killing two of his sons, attempting to murder a third, and had been sentenced to 21 years in prison! It even mentioned the tragic event “shocked the local community and the nation”. The only issue (and quite a large one) here is that it never happened.

Scared

Holmen is reported to have said that the fact that other people could read this bizarre output and believe it is true scared him.

Although the key claim was inaccurate, it seems that the AI’s fictional story didn’t come entirely out of thin air. For example, it correctly mentioned that Holmen lives in Trondheim and has three sons. The ages in the fabricated account also eerily mirrored the real age gap between his children.

It’s been reported that Holmen has said he tried to contact OpenAI, but received only a generic response. It seems therefore that frustratedly, he turned to noyb, a European digital rights group, which has now filed an official GDPR complaint on his behalf.

The Legal Challenge

The complaint accuses OpenAI of breaching Article 5(1)(d) of the GDPR, which requires organisations to ensure that personal data is accurate and kept up to date. Noyb argues that the company should delete the output and “fine-tune” its model to prevent further harm to Holmen’s reputation.

They are also calling for the Norwegian data authority to impose a fine. In the words of Joakim Söderberg, noyb’s legal officer: “You can’t just spread false information and in the end add a small disclaimer saying that everything you said may just not be true”.

What Are AI Hallucinations?

The Holmen case is the latest example of what the industry calls a “hallucination”, i.e. when an AI system makes something up and presents it as fact.

These errors are surprisingly common in large language models like ChatGPT and Google’s Gemini. For example, just last year, Gemini suggested people glue cheese to pizza and eat rocks for health reasons!

These so-called ‘hallucinations’ are a result of how these AI models work. For example, rather than “knowing” facts, they predict the most likely next word or phrase based on patterns in vast amounts of text. This can produce convincingly written (but totally inaccurate) results.

As Professor Simone Stumpf of the University of Glasgow explains: “Even if you are involved in the development of these systems… quite often, you do not know how they actually work, why they’re coming up with this particular information.”

OpenAI’s Response

OpenAI has acknowledged the incident but says it relates to an older version of ChatGPT. The company says it has since rolled out a new model with internet search capabilities, which it says improves accuracy.

However, the original conversation remains in OpenAI’s system, and critics say more needs to be done to prevent such reputational damage in the future.

What Does This Mean For Your Business?

This story raises a pressing question, i.e. how much trust can individuals and businesses place in today’s most powerful tech platforms? We see how AI can cause very real harm through inaccuracies that feel all too plausible.

For individuals like Arve Hjalmar Holmen, the (alleged) damage caused by false AI-generated content is deeply personal, but the implications extend far beyond a single case. As generative AI becomes increasingly embedded in everything from customer service to search engines, the risks around misinformation, defamation, and lack of accountability are growing more serious. For regulators and privacy advocates, this case could become a key reference point in the broader push to bring AI development in line with data protection laws, especially in Europe, where the GDPR offers some of the strongest safeguards.