Reading:
108,000 BUPA customers have their personal information lost
Share:
data breach

Data Leak Lawyers - Begin Your Data Breach Claim Today!

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

108,000 BUPA customers have their personal information lost

International healthcare provider, BUPA, has admitted a breach of data protection rules over mishandling more than a hundred thousand customers’ personal information.

BUPA is understood to have lost the information by copying and deleting data, which is against company policy. The information lost included: Patient first and last names; patient dates of birth; patient nationalities; and patient contact information.

BUPA customers have been notified of the data breach. Whilst no medical nor financial information is thought to have been lost in this security incident, some customers may understandably be angry.

BUPA Statement

Sheldon Keating, managing director of BUPA said:

“We know that this will be concerning and I would like to personally apologise… Protecting the information we hold about you is our absolute priority and I am sorry that this has happened. We are taking this seriously and taking steps to address the situation.”

Unfortunately, similar words have been said many times before in previous breaches. If protecting information was such an “absolute priority”, why was more not done to have prevented this incident from happening?

Data protection expectations

When customers provide their contact information or personal information, they expect it to be kept safe. Companies need to make sure that all the personal information they have access to is kept safe and secure. This means that any third party – be it a hacker or an employee for the company – cannot maliciously nor accidentally create a data breach.

BUPA has clearly failed their customers given the lost data.

U.K. law

Under the U.K’s Data Protection Act, companies must only use their customers’ personal information for an authorised reason. Misusing personal information belonging to another can be a serious crime.

In this incident, BUPA ‘assures’ us there was no malicious intent, and the employee responsible for the breach has now been dismissed. BUPA explains they have introduced “additional internal security measures” in light of the incident; it’s just too bad they didn’t think of this earlier.

Why is data security still not a top priority?

A lot of companies seem to be rather indifferent to cybersecurity and only choose to upgrade systems when they have already been attacked or suffered a breach. Some organisations seem to have taken the risk that they might not suffer a data breach and then scramble to pick themselves up when one happens.  

With so much information accessible via the internet and our constant access to the World Wide Web, data breaches are extremely common and will likely only increase if things are left the way they are.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy
SRA
Contact
www.dataleaklawyers.co.uk is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon