Category: GDPR
Ransomware healthcare attacks
The 2020 surge in ransomware healthcare attacks has highlighted how healthcare organisations have become more vulnerable to cyberattacks during the coronavirus pandemic. While many of us have turned to remote working over the past year, ransomware has long been a remote access tool for cybercriminals, allowing them to breach systems and take control of computer servers and machines from anywhere in the world.
In the UK, we constantly hear that our health service is constrained by limited resources, but few stop to consider the impact that this has on data privacy. Faced with outdated hardware and cybersecurity software in some cases, healthcare organisations could have poor defences against cyberattacks. They can be, therefore, risking the exposure of patient and employee data on a daily basis.
Every UK citizen has a right to have their personal information kept safe and secure by third-party organisations. This should mean that you may be entitled to claim compensation if your data has been exposed. For free, no-obligation advice, contact us today to talk to a member of our specialist data breach team.
Are too many organisations complacent about data protection?
Despite the fact that every consumer’s right to adequate data security is enshrined in law, it appears that too many organisations remain complacent about data protection.
A 2020 study by Kaspersky, reported by Security News Desk, reportedly found that 65% of IT security decision-makers agreed that their organisations were complacent about protecting customer data. Complacency and carelessness are unforgivable in this digital age, in which hackers are developing increasingly sophisticated ways of exposing personal data. In fact, organisations may be contributing to the rising tide of data breaches through their own negligence of established procedures and cybersecurity measures.
Your Lawyers – The Data Leak Lawyers – as leading data protection compensation solicitors, are here to support anyone who has fallen prey to the negligence of a third party. You can contact us for free, no-obligation advice if you think you have a data breach claim to make.
Employee prosecuted for the unlawful disclosure of accident data
An employee in the motor industry has reportedly been prosecuted for the unlawful disclosure of accident data, which she illegally recorded and sold on for use by another company.
The ICO (Information Commissioner’s Office) has confirmed that a former employee of the RAC collected road accident data from the car insurance and roadside assistance company. It is then reported that she passed data on to the director of an accident claims firm.
The incident shows how personal data can be a valuable criminal asset and is a disturbing account of how the trust of customers can be broken when criminals decide to misuse data for their own profit. At the same time, it is reassuring that such criminals can be detected and punished under the law.
At Your Lawyers – The Data Leak Lawyers – as leading data breach claims lawyers, we aim to hold those responsible for data breaches to account for their actions. As such, if you have suffered as a result of having your data exposed, we are here to help you claim the compensation that you deserve.
Careless approach to data protection – rights for victims
Despite the fact that there is extensive legislation designed to prevent data breaches, many organisations continue to have a careless approach to data protection.
In this digital age, in which consumers regularly disclose private data to third party companies online, it is unacceptable that many are neglecting their duty to protect this information.
We are always on the lookout for data leaks which show a carelessness on the part of the organisation, as this may mean that victims may be entitled to claim compensation for the exposure of their personal information. Unfortunately, many companies fail to realise that their data protection duties are equal to their responsibilities to deliver on the goods and services paid for by their customers. We believe that it is important to raise awareness of this widespread issue, and to make sure any victims can achieve justice for the effects of data breaches.
Arup data breach affects employee payroll information
Arup, an international professional services firm, has reportedly suffered a recent data breach, after their third-party payroll provider succumbed to a cybersecurity incident.
The payroll information of current and former employees is understood to have been affected, with Arup contacting those whose details have been compromised. We cannot yet put a number on the scale of the breach but, based on the information disclosed to customers, the Arup data breach may have affected many of the company’s employees.
We have already begun taking on cases for affected claimants, who may be entitled to recover compensation for the exposure of their personal data. If you have been notified of your involvement in the Arup data breach, please do not hesitate to contact us for free, no-obligation advice on your potential compensation claim.
Midlands News Association data breach exposes journalists’ private information
According to an article from HoldtheFrontPage, the Midlands News Association has recently suffered a data security incident that led to the publication of private details belonging to journalists.
This is understood to have included some of whom may have been employed by the newspaper as far back as 2011. It is believed that an unauthorised third party was able to access the data, and that they chose to post the stolen information online.
All data controllers have a legal responsibility to ensure that the data disclosed to them is stored and processed securely. If they ever fail to uphold this duty, they can be held to account under the law. If it is found to have breached data protection law, the Midlands News Association could be liable to pay compensation to those affected. Anyone who has been notified of their involvement in the data breach can contact us to make an enquiry about their potential compensation claim.
Fat Face data breach
In the penultimate week of March, retail chain Fat Face reportedly sent an email to customers notifying them of a breach that had first been identified in mid-January. Reportedly sent to thousands of affected customers, the email revealed that private data had been accessed by an unauthorised user for a limited period of time. It has also been alleged that customers were told to keep the notification of the Fat Face data breach private, and that the company has allegedly paid a ransom to a cybercrime gang.
These claims have yet to be fully verified, but there are still several issues arising out of the Fat Face data breach. The company’s notification to customers appears to be delayed at best, which raises questions about whether Fat Face followed the correct data breach notification procedures. At this stage, we do not know, and we will need to find out.
In any case, the victims whose private information was exposed could now fall victim to data misuse. If it emerges that Fat Face was at fault, victims may be eligible to make compensation claims, and we are already taking claims forward for this incident.
The Amey cyberattack- data breaches in the construction sector
Amey has joined the growing list of construction companies affected by hacks, after suffering the blow of a ransomware attack in mid-December last year. The Amey cyberattack reportedly exposed extensive company data, including information relating to employees and business transactions.
With much of the data being dumped on the hacker group’s leak site, the cyberattack has produced a substantial breach of company privacy that could significantly affect the operations of the infrastructure support service provider. As a giant of the industry, the Amey breach will likely raise concerns in the UK construction sector, with other companies worrying if they may be the next target.
Data Privacy Day 2021 – will we see future changes?
Data Privacy Day 2021 was marked recently on the 28th January, the fifteenth time the day has been celebrated. Also called Data Protection Day in the UK and Europe, Data Privacy Day commemorates the signing of the first international treaty that was legally binding for governing data protection and privacy, named Convention 108.
After what had been another eventful year of data breaches in 2020, we believe it is important for all individuals and organisations to start 2021 with a positive, proactive approach to data protection. The commemorative day at the start of the year should be valuable in raising awareness about issues relating to data privacy, yet nothing ever seems to change as we continue to see breach after breach after breach.
At Your Lawyers – The Data Leak Lawyers – we aim to empower victims of data breaches to take action against those who have failed to protect their data, to ensure that the consequences of data breaches can be learned. We feel that it is the most proactive way forward given that no amount of legislation or commemorative days appear to be making the difference that is really required.
Data leak at work – compensation advice
A data leak at work can be the worst nightmare of an employee, as the breach of privacy can feel incredibly exposing in a professional context.
It may also feel difficult to confront your employer about the damage that has been caused to you, particularly where the error of your colleague(s) has provoked the data breach, as this can make the aftermath a very difficult and stressful time.
All companies are required by law to ensure that they handle, process and store data according to the given data protection rules as set out in the GDPR. Even where a data protection error can seem innocuous, such as in an accidental email attachment, it can still constitute a breach of the GDPR. If you are an employee who has fallen prey to a data leak at a work, you may be entitled to claim compensation. We support victims of all kinds of data breaches to achieve the justice that they deserve, so contact us if you think you have a claim to make.