Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.
International healthcare provider, BUPA, has admitted a breach of data protection rules over mishandling more than a hundred thousand customers’ personal information.
BUPA is understood to have lost the information by copying and deleting data, which is against company policy. The information lost included: Patient first and last names; patient dates of birth; patient nationalities; and patient contact information.
BUPA customers have been notified of the data breach. Whilst no medical nor financial information is thought to have been lost in this security incident, some customers may understandably be angry.
Sheldon Keating, managing director of BUPA said:
“We know that this will be concerning and I would like to personally apologise… Protecting the information we hold about you is our absolute priority and I am sorry that this has happened. We are taking this seriously and taking steps to address the situation.”
Unfortunately, similar words have been said many times before in previous breaches. If protecting information was such an “absolute priority”, why was more not done to have prevented this incident from happening?
When customers provide their contact information or personal information, they expect it to be kept safe. Companies need to make sure that all the personal information they have access to is kept safe and secure. This means that any third party – be it a hacker or an employee for the company – cannot maliciously nor accidentally create a data breach.
BUPA has clearly failed their customers given the lost data.
Under the U.K’s Data Protection Act, companies must only use their customers’ personal information for an authorised reason. Misusing personal information belonging to another can be a serious crime.
In this incident, BUPA ‘assures’ us there was no malicious intent, and the employee responsible for the breach has now been dismissed. BUPA explains they have introduced “additional internal security measures” in light of the incident; it’s just too bad they didn’t think of this earlier.
A lot of companies seem to be rather indifferent to cybersecurity and only choose to upgrade systems when they have already been attacked or suffered a breach. Some organisations seem to have taken the risk that they might not suffer a data breach and then scramble to pick themselves up when one happens.
With so much information accessible via the internet and our constant access to the World Wide Web, data breaches are extremely common and will likely only increase if things are left the way they are.
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020