We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
The misuse of police computer systems is a cause for concern, and it’s understood that the Police in England and Wales are having to deal with a number of internal disciplinaries over the issue.
Incidents include staff and police accessing databases to look at information improperly, and even cases where information is reportedly being passed to criminals. When you consider that the police are responsible for processing and storing a wealth of potentially personal and sensitive information about millions of people, the impact for the victim of data misuse or exposure can be significant.
Victims do have rights and can be eligible to make a claim for data breach compensation. No one is above the law, and all organisations – including the police – must abide by important data protection rules.
News of a victim support data breach has been published by the Information Commissioner’s Office (ICO), which has led to a caseworker being prosecuted.
It’s reported that Restorative Justice Caseworker, Jeannette Baines, who had worked with victim support, sent personal and private information from a work email address to a personal email address.
This kind of breach where employees misuse their rights of access to personal data to send it to personal accounts isn’t uncommon. Many of the ICO’s individual prosecutions involve this kind of breach being committed, and the consequences for the offender can be severe.
A senior nurse caught snooping on medical records has reportedly been suspended in yet another case of an NHS employee abusing their rights of information access.
Carol Anne Rodda, in her capacity working for University Hospitals Coventry and Warwickshire NHS Trust data breach, has reportedly been suspended for 12 months for a number of breaches. A number of the medical records data breach compensation claims we take forward involve healthcare employees improperly accessing information, so we know how bad these kinds of incidents can be.
There have been a number of occasions where the Information Commissioner’s Office (ICO) has been forced to take action against staff for snooping. The ICO has also had to issue warnings because of so many instances of it happening.
A number of Leicestershire police data breach incidents have been reported in the news recently. Police data breaches are always worrying, so it’s concerning to learn of these incidents.
With public sector data breaches often topping the charts in terms of the volumes of individual cases we take forward, this is a serious matter. The police computers and databases hold a wealth of incredibly personal and sensitive data about millions of people. In the wrong hands, leaks and misuse of such information can be severe for the victims.
Right now, we’re representing people who are claiming data breach compensation as victims of police incidents. News of the prosecutions and investigations into a number of incidents that stem from the Leicestershire force is concerning.
You may be entitled to make a claim for compensation if you are the victim of a human error data breach incident.
In fact, some of the biggest group action and individual cases we’re fighting for justice in were caused by simple human errors. Many of the human errors committed are preventable, and it’s this key factor that means you can be entitled to make a claim.
Don’t assume that you can’t claim because a person is responsible (or partially responsible) for a data breach. The organisations who employee people can be vicariously liable for the actions of their employee. This means that the blame can be squarely with the employer!
There are huge risks when it comes to Healthcare staff data breach incidents. A large volume of the data breach cases we take forward involve the healthcare sector.
That’s why we’re not surprised that a recent study suggested that more than half of data breach incidents in the healthcare industry are reportedly caused by staff themselves. Whether it’s a direct human error that has led to a breach, or staff abusing their powers, it’s the employees themselves that remain such a huge risk for organisations.
Even hacks and cyber attacks can be linked back to staff as well. An easy example is staff falling victim to phishing scams and their user credentials being compromised and then abused by criminals.
As investigations into the Police Federation of England and Wales cyber attack continue, we’ve taken cases forward on a No Win, No Fee basis.
The investigations into the two malware attacks that hit the PFEW on 9th March and 21st March 2019 are underway, and we’ve agreed to take claims forward. Our legal team who are fighting for justice in dozens of data breach group actions have been contacted for help. As with the other group and multi-party actions we’re running, we have offered No Win, No Fee compensation representation.
It’s understood that the data for some 120,000 police employees may have been exposed in the incident. At this stage, information exposure or theft cannot be ruled out.
A lack of data training is an easy open goal for data breaches and cybersecurity incidents. It’s not a viable defence to a claim for compensation.
Over the years we’ve been helping people, thousands of victims have asked for our help for data breaches, leaks and hacks. We can tell you from years of experience that a common cause of incidents can sometimes be a simple issue of a lack of training. Even though data breaches are always in the news, and the risk of a cybersecurity incident has probably never been higher, data protection training is still not a priority for some.
I’ve spoken to friends and family for some insight as well, and there are still way too many organisations not treating it seriously; despite GDPR. For a victim who must make a claim for data breach compensation, a lack of training is no excuse to deflect a claim.
A recent prosecution has taken place over the V12 Sports and Classics data breach incident where a former employee of the company has been found guilty of breaking the law.
In this case, the former employee (32-year-old Jayana Morgan Davies) reportedly forwarded work emails that contained the data of customers and colleagues to her personal account. She resigned from her position a few weeks later, which suggests a specific motive for the illegal processing of the data she misused.
The incident is said to have taken place in August 2017. It has led to a successful prosecution from the ICO (the Information Commissioner’s Office).
There has been a Heart of England NHS data breach incident, and it’s yet another case of an NHS employee snooping on the personal data of people they know.
We’ve spoken out about the issue of NHS employees abusing their rights to access medical data a lot recently. The Information Commissioner’s Office (ICO) – the UK’s data watchdog – has prosecuted a number of offenders for such actions. They’ve also had to send out warnings to staff about their responsibilities and the punishments they can face when it comes to this kind of behaviour.
A large volume of the cases we represent people for are NHS data breach compensation claims, so hearing of these kinds of incidents isn’t surprising.
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.