Welcome To The Data Leak Lawyers Blog
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
A report has revealed that a recent Birmingham City Council data breach incident has taken place after private information was mistakenly published online.
It is alleged that the exposed data included the details of “vulnerable children”, although this has reportedly been disputed by the local authority. The council said that a number of citizens were affected, but has yet to confirm just how many people were affected.
The Birmingham City Council data breach appears to be yet another example of the human error data breaches we have seen occur at local authorities time and time again. As advocates of data security, we believe that there is never an excuse for errors such as this, as everyone has the right to have their private data kept safe. In many cases, victims of data breaches can be eligible to claim compensation for any harm caused. This may also be a possibility for those affected by the breach at Birmingham City Council.
Cyberattacks can be a common reason for the occurrence of data breaches, as criminals often target company databases to gain access to huge swathes of information. There is one type of attack that is particularly malicious in nature: when databases with highly sensitive data are hacked and the victims are held to ransom by cybercriminals, perhaps seeking payment in return for a vow that they will not misuse or publish the information.
These can sometimes be empty promises, placing the victims in danger whether they choose to pay up or reject the ransom. Unfortunately, poor data security of some organisations can often be the reason as to why victims end up in this defenseless position in the first place, as weaknesses in their systems could allow cybercriminals to break through.
If you have been put in a precarious situation due to a ransomware attack, we are here to advise you on your potential right to claim data breach compensation from those responsible for negligence.
In what is continuing to be a common trend for local government authorities, the recent Blackpool Council data leak has seen the exposure of personal data belonging to hundreds of individuals.
The issue has been labelled as a so-called accidental “human error” incident. A data handling mistake reportedly resulted in the details of about 428 people being made public, when the data should have remained private.
Occurring within months of our coverage of the Hackney Council cyberattack and the Bristol City Council data leak, this breach unfortunately comes as no shock to us. It probably comes as no shock to anyone who has become familiar with recurring patterns of council data leaks in general. Inadequate data protection practices at so many local councils means that this is a nationwide problem. We are here to help anyone affected by data breaches like this, striving to win them the compensation they deserve.
For businesses with expanding opportunities and responsibilities, it often becomes necessary to hire external providers and suppliers to ensure the efficiency of company operations. Data leaks from outsourcing can unfortunately occur when these external providers lapse in protecting the information held by the company they work with.
However, when a data leak does arise, it is not acceptable for the affected company to simply shift the blame onto an external supplier or provider. Ultimately, the responsibility to protect the information of customers, members and employees falls on the organisation itself as a result of the legal duties that they must adhere to. Even in cases where an external provider caused the leak, the victims can still be eligible to claim compensation either way.
A constable at Derbyshire Police has recently faced a misconduct hearing over allegations of unlawfully accessing records of a police incident and then sharing a photo of the file with colleagues.
Although the officer’s actions contravened policing standards and data protection law, he has escaped dismissal and will be allowed to continue serving at Derbyshire Police.
Regardless of the verdict of the hearing, a breach such as this should never have occurred at all. Testaments to the officer’s reportedly “excellent” work as an officer do not erase his culpability for what has been regarded as an incredibly reckless action. As an organisation with access to extensive personal data, the police service has a vital duty to be rigorous in data protection and we should all feel safe that our information with them is secure. Our trust in the police should never be abused.
Following a two-year investigation into credit reference agencies, the Information Commissioner’s Office (ICO) has taken enforcement action against Experian. It was ruled that the company must make “fundamental changes to how it handles people’s personal data”, according to the ICO.
The investigation examined three credit agencies, of which Experian is the only one to reportedly face punitive action for data handling they carry out for direct marketing purposes.
Experian is understood to have taken some steps towards improving their data handling, but it was not enough to satisfy the ICO that data protection law was being adhered to. It is reassuring to know that Experian must make changes, and demonstrates to other companies that any sidestepping of the GDPR will not be tolerated by regulators.
If you are ever affected by a data breach or cybersecurity incident caused by a third-party organisation whom you entrusted your information to, it is important that you know what your rights are in the fallout of such an incident. It may feel difficult to stand up to a huge company or local authority, but if a third party has failed to protect personal data, they should be held responsible for their reckless attitude to data protection.
At Your Lawyers – The Data Leak Lawyers – we have been fighting for the rights of data breach victims for many years, aiming to bring justice for the damage that victims have suffered from. Organisations must stand up and take their data protection duties seriously. If they fail to do so, they should be punished as they would be under other areas of the law.
In a serious misstep at East Devon Council, the passwords of 37 council members were reportedly exposed online to other councillors, leaving private email inboxes potentially vulnerable to unauthorised access.
The error was quickly corrected, with affected councillors resetting their passwords. However, the period of vulnerability could have caused leaks of confidential information, which is why this is a serious matter.
Despite local authorities’ important responsibility to their communities and residents, we see data breaches happening far too frequently at local councils, suggesting that many are still failing to take their data protection duties seriously. At Your Lawyers – The Data Leak Lawyers – we believe that failures when it comes to data protection law justifies legal action, as many of these local authorities need to develop more rigorous data protection measures to protect people’s information. Where they fail to do so, we are here to help.
Another travel industry data breach has recently hit the headlines, with the popular airline IT provider SITA suffering a monumental cyberattack. The SITA data breach is thought to have exposed information belonging to hundreds of thousands of passengers.
Among the affected airlines are those owned by Star Alliance, the world’s largest airline group, and British Airways is also affected. Some of the thousands of clients that we represent for the 2018 BA data breaches have already come forward for our assistance.
The travel industry has been plagued by data breaches, with companies such as Marriott and easyJet falling prey to significant hacks in recent years. The wealth of information that is held by airlines and travel companies makes them prime targets for cybercriminals, and the effects can be devastating for those affected.
In the case of cyberattacks, many organisations follow appropriate reporting procedures, such as notifying the Information Commissioner’s Office of the breach. There is also the need for alerting affected customers, members, or employees of their involvement in a data security incident too. However, many firms may be ignoring cyberattacks and their after-effects, putting those affected in an unacceptable degree of danger, sometimes to preserve their own interests.
At Your Lawyers – The Data Leak Lawyers – as a leading data breach claims firm, we believe cyberattacks are like any other crime and should be reported and dealt with accordingly. Unfortunately, too many organisations view cybersecurity and data protections as luxury additions to their operations, disregarding the dangers they are putting people in.
If you have been affected by a data breach and believe the responsible party is not taking it seriously enough, you may be entitled to claim compensation. It is bad enough to have your data exposed, but to witness dangerous inaction from the organisation involved can only add insult to injury.
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
