Welcome To The Data Leak Lawyers Blog
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
In the penultimate week of March, retail chain Fat Face reportedly sent an email to customers notifying them of a breach that had first been identified in mid-January. Reportedly sent to thousands of affected customers, the email revealed that private data had been accessed by an unauthorised user for a limited period of time. It has also been alleged that customers were told to keep the notification of the Fat Face data breach private, and that the company has allegedly paid a ransom to a cybercrime gang.
These claims have yet to be fully verified, but there are still several issues arising out of the Fat Face data breach. The company’s notification to customers appears to be delayed at best, which raises questions about whether Fat Face followed the correct data breach notification procedures. At this stage, we do not know, and we will need to find out.
In any case, the victims whose private information was exposed could now fall victim to data misuse. If it emerges that Fat Face was at fault, victims may be eligible to make compensation claims, and we are already taking claims forward for this incident.
A data leak at work can be the worst nightmare of an employee, as the breach of privacy can feel incredibly exposing in a professional context.
It may also feel difficult to confront your employer about the damage that has been caused to you, particularly where the error of your colleague(s) has provoked the data breach, as this can make the aftermath a very difficult and stressful time.
All companies are required by law to ensure that they handle, process and store data according to the given data protection rules as set out in the GDPR. Even where a data protection error can seem innocuous, such as in an accidental email attachment, it can still constitute a breach of the GDPR. If you are an employee who has fallen prey to a data leak at a work, you may be entitled to claim compensation. We support victims of all kinds of data breaches to achieve the justice that they deserve, so contact us if you think you have a claim to make.
A report has revealed that a recent Birmingham City Council data breach incident has taken place after private information was mistakenly published online.
It is alleged that the exposed data included the details of “vulnerable children”, although this has reportedly been disputed by the local authority. The council said that a number of citizens were affected, but has yet to confirm just how many people were affected.
The Birmingham City Council data breach appears to be yet another example of the human error data breaches we have seen occur at local authorities time and time again. As advocates of data security, we believe that there is never an excuse for errors such as this, as everyone has the right to have their private data kept safe. In many cases, victims of data breaches can be eligible to claim compensation for any harm caused. This may also be a possibility for those affected by the breach at Birmingham City Council.
Cyberattacks can be a common reason for the occurrence of data breaches, as criminals often target company databases to gain access to huge swathes of information. There is one type of attack that is particularly malicious in nature: when databases with highly sensitive data are hacked and the victims are held to ransom by cybercriminals, perhaps seeking payment in return for a vow that they will not misuse or publish the information.
These can sometimes be empty promises, placing the victims in danger whether they choose to pay up or reject the ransom. Unfortunately, poor data security of some organisations can often be the reason as to why victims end up in this defenseless position in the first place, as weaknesses in their systems could allow cybercriminals to break through.
If you have been put in a precarious situation due to a ransomware attack, we are here to advise you on your potential right to claim data breach compensation from those responsible for negligence.
In what is continuing to be a common trend for local government authorities, the recent Blackpool Council data leak has seen the exposure of personal data belonging to hundreds of individuals.
The issue has been labelled as a so-called accidental “human error” incident. A data handling mistake reportedly resulted in the details of about 428 people being made public, when the data should have remained private.
Occurring within months of our coverage of the Hackney Council cyberattack and the Bristol City Council data leak, this breach unfortunately comes as no shock to us. It probably comes as no shock to anyone who has become familiar with recurring patterns of council data leaks in general. Inadequate data protection practices at so many local councils means that this is a nationwide problem. We are here to help anyone affected by data breaches like this, striving to win them the compensation they deserve.
For businesses with expanding opportunities and responsibilities, it often becomes necessary to hire external providers and suppliers to ensure the efficiency of company operations. Data leaks from outsourcing can unfortunately occur when these external providers lapse in protecting the information held by the company they work with.
However, when a data leak does arise, it is not acceptable for the affected company to simply shift the blame onto an external supplier or provider. Ultimately, the responsibility to protect the information of customers, members and employees falls on the organisation itself as a result of the legal duties that they must adhere to. Even in cases where an external provider caused the leak, the victims can still be eligible to claim compensation either way.
Following a two-year investigation into credit reference agencies, the Information Commissioner’s Office (ICO) has taken enforcement action against Experian. It was ruled that the company must make “fundamental changes to how it handles people’s personal data”, according to the ICO.
The investigation examined three credit agencies, of which Experian is the only one to reportedly face punitive action for data handling they carry out for direct marketing purposes.
Experian is understood to have taken some steps towards improving their data handling, but it was not enough to satisfy the ICO that data protection law was being adhered to. It is reassuring to know that Experian must make changes, and demonstrates to other companies that any sidestepping of the GDPR will not be tolerated by regulators.
If you are ever affected by a data breach or cybersecurity incident caused by a third-party organisation whom you entrusted your information to, it is important that you know what your rights are in the fallout of such an incident. It may feel difficult to stand up to a huge company or local authority, but if a third party has failed to protect personal data, they should be held responsible for their reckless attitude to data protection.
At Your Lawyers – The Data Leak Lawyers – we have been fighting for the rights of data breach victims for many years, aiming to bring justice for the damage that victims have suffered from. Organisations must stand up and take their data protection duties seriously. If they fail to do so, they should be punished as they would be under other areas of the law.
In a serious misstep at East Devon Council, the passwords of 37 council members were reportedly exposed online to other councillors, leaving private email inboxes potentially vulnerable to unauthorised access.
The error was quickly corrected, with affected councillors resetting their passwords. However, the period of vulnerability could have caused leaks of confidential information, which is why this is a serious matter.
Despite local authorities’ important responsibility to their communities and residents, we see data breaches happening far too frequently at local councils, suggesting that many are still failing to take their data protection duties seriously. At Your Lawyers – The Data Leak Lawyers – we believe that failures when it comes to data protection law justifies legal action, as many of these local authorities need to develop more rigorous data protection measures to protect people’s information. Where they fail to do so, we are here to help.
Another travel industry data breach has recently hit the headlines, with the popular airline IT provider SITA suffering a monumental cyberattack. The SITA data breach is thought to have exposed information belonging to hundreds of thousands of passengers.
Among the affected airlines are those owned by Star Alliance, the world’s largest airline group, and British Airways is also affected. Some of the thousands of clients that we represent for the 2018 BA data breaches have already come forward for our assistance.
The travel industry has been plagued by data breaches, with companies such as Marriott and easyJet falling prey to significant hacks in recent years. The wealth of information that is held by airlines and travel companies makes them prime targets for cybercriminals, and the effects can be devastating for those affected.
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
