In June 2018, Ticketmaster revealed that a security incident had affected its website, causing the personal information of customers to be exposed. Discovered on 23rd June, the information was exposed due to the actions of an external hacker, but questions were raised regarding how far the incident had been caused by Ticketmaster’s own alleged negligence. We began taking on claims soon after the breach was announced, and we are now running our Ticketmaster data group action to ensure that those affected can receive the compensation that they deserve.
The breach has potentially demonstrated how insufficient cybersecurity could be responsible for mass information exposure. Thousands of customers had sensitive payment details exposed as a result of what we understand to be a system vulnerability, so we believe that Ticketmaster must answer for what has happened.
If you have been affected by this data breach, you can contact our team to find out if you have a compensation claim to make.
While it may be difficult to believe that such a needless mistake can breach data protection law, countless data breaches have arisen as a result of files sent to the wrong address. Over email or by post, a minute error like this can allow an unauthorised third party to view personal information which they should never have seen.
The mistake alone can constitute a data protection breach, but further problems can arise when the recipient of the files has malicious intentions. In many cases, the recipient may delete or destroy the files upon request, but not everyone is a good citizen. Sending errors can pose several opportunities for data misuse, such as identity theft, fraud and scams.
As leading specialists in data protection law, we believe that the impact of a data breach should never be underestimated. As such, however small a breach may seem, the data controller responsible should be held accountable for their actions. If you have been affected by a data breach, you may be eligible to make a compensation claim.
The Competition and Markets Authority (CMA) has recently disclosed figures for the data breaches that have affected the UK government regulator. They reportedly revealed that a total of 150 breaches have occurred over the last two years. The competition regulator data breaches are worrying given the CMA’s role in upholding the law, which requires them to handle a large amount of private information, some of which can be sensitive.
The importance of cybersecurity should now be well known to all businesses and organisations, as many can be prime targets for hackers and fraudsters searching for information to misuse. The malicious intent of cybercriminals should give organisations that sense of the importance of data protection. However, it appears that the CMA may not have been able to adopt the caution required of an organisation with such sensitive data handling responsibilities.
Amey has joined the growing list of construction companies affected by hacks, after suffering the blow of a ransomware attack in mid-December last year. The Amey cyberattack reportedly exposed extensive company data, including information relating to employees and business transactions.
With much of the data being dumped on the hacker group’s leak site, the cyberattack has produced a substantial breach of company privacy that could significantly affect the operations of the infrastructure support service provider. As a giant of the industry, the Amey breach will likely raise concerns in the UK construction sector, with other companies worrying if they may be the next target.
Data Privacy Day 2021 was marked recently on the 28th January, the fifteenth time the day has been celebrated. Also called Data Protection Day in the UK and Europe, Data Privacy Day commemorates the signing of the first international treaty that was legally binding for governing data protection and privacy, named Convention 108.
After what had been another eventful year of data breaches in 2020, we believe it is important for all individuals and organisations to start 2021 with a positive, proactive approach to data protection. The commemorative day at the start of the year should be valuable in raising awareness about issues relating to data privacy, yet nothing ever seems to change as we continue to see breach after breach after breach.
At Your Lawyers – The Data Leak Lawyers – we aim to empower victims of data breaches to take action against those who have failed to protect their data, to ensure that the consequences of data breaches can be learned. We feel that it is the most proactive way forward given that no amount of legislation or commemorative days appear to be making the difference that is really required.
In what is continuing to be a common trend for local government authorities, the recent Blackpool Council data leak has seen the exposure of personal data belonging to hundreds of individuals.
The issue has been labelled as a so-called accidental “human error” incident. A data handling mistake reportedly resulted in the details of about 428 people being made public, when the data should have remained private.
Occurring within months of our coverage of the Hackney Council cyberattack and the Bristol City Council data leak, this breach unfortunately comes as no shock to us. It probably comes as no shock to anyone who has become familiar with recurring patterns of council data leaks in general. Inadequate data protection practices at so many local councils means that this is a nationwide problem. We are here to help anyone affected by data breaches like this, striving to win them the compensation they deserve.
Following a two-year investigation into credit reference agencies, the Information Commissioner’s Office (ICO) has taken enforcement action against Experian. It was ruled that the company must make “fundamental changes to how it handles people’s personal data”, according to the ICO.
The investigation examined three credit agencies, of which Experian is the only one to reportedly face punitive action for data handling they carry out for direct marketing purposes.
Experian is understood to have taken some steps towards improving their data handling, but it was not enough to satisfy the ICO that data protection law was being adhered to. It is reassuring to know that Experian must make changes, and demonstrates to other companies that any sidestepping of the GDPR will not be tolerated by regulators.
In the case of cyberattacks, many organisations follow appropriate reporting procedures, such as notifying the Information Commissioner’s Office of the breach. There is also the need for alerting affected customers, members, or employees of their involvement in a data security incident too. However, many firms may be ignoring cyberattacks and their after-effects, putting those affected in an unacceptable degree of danger, sometimes to preserve their own interests.
At Your Lawyers – The Data Leak Lawyers – as a leading data breach claims firm, we believe cyberattacks are like any other crime and should be reported and dealt with accordingly. Unfortunately, too many organisations view cybersecurity and data protections as luxury additions to their operations, disregarding the dangers they are putting people in.
If you have been affected by a data breach and believe the responsible party is not taking it seriously enough, you may be entitled to claim compensation. It is bad enough to have your data exposed, but to witness dangerous inaction from the organisation involved can only add insult to injury.
A big Newcastle City Council data leak occurred three years ago after the personal data of thousands of children and their adoptive parents was sent out in an accidental email attachment.
The email concerned a party invitation sent out to 77 people for the council’s adoption summer party, with the inclusion of an internal spreadsheet that should never have been seen by unauthorised eyes.
In a reason that has become all too common in recent council data leaks, human error was blamed for the incident. Indeed, as this explanation recurs and recurs, it raises questions about how much progress has been made in local government data protection. Further, in today’s turbulent times of coronavirus leading to us all having to adapt to a more remote way of working and living, what else needs to be done to rectify these issues.
We had hoped that the introduction of the GDPR in 2018 would lead to serious improvements and that we would see far fewer breaches, leaks and hacks. Sadly, this has not been the case and, if anything, the volume of breaches continues to grow.
What has not helped us in 2020 is, of course, the ongoing coronavirus pandemic. The increased reliance on the use of technology to be able to work and live has resulted in an increase in cyberattacks, and hackers have done their best to exploit the situation. When it comes to 2021, we expect the current trends to continue.