Welcome To The Data Leak Lawyers Blog
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
A police force has been blasted over data security failures by the Information Commissioner’s Office (ICO) after a “damning report” from the body responsible for overseeing the police in Scotland.
The ICO has reportedly demanded immediate action following an audit that has been described as “highly critical” with “urgent recommendations”.
It’s understood that the security of personal data, staff training and awareness, and data sharing are the areas of focus after investigations were undertaken to look into data security failures by the police.
Jaguar Land Rover have been subject to an employee data breach that has reportedly affected hundreds of staff.
The personal and sensitive employee data for hundreds of agency staff at the firm’s Solihull site is understood to have been shared around the workforce as the carmaker sets to embark on a job redundancy program that may affect thousands of employees.
The data breached includes payroll information and personal data about days of absence, and even employee disability information.
The University of Greenwich has been fined £120,000.00 by the ICO (Information Commissioner’s Office) after being found guilty of allowing personal and sensitive data they hold to be exposed.
The fine comes off the back of a serious data breach where the data for some 20,000 university students and staff was compromised from a micro-site that had been used in 2004 for a training conference. This micro-site was not closed or secured, and was comprised in 2013, and then multiple attacks in 2016 allowed hackers access to the university’s web-server.
TSB bank could face fines for data breach issues related to the system outage problem they suffered last month.
Many customers were left unable to properly use their accounts online and via their app for several days after a system upgrade reportedly went wrong. Some customers were unable to view their accounts, make payments or transfer money, with countless angry customers turning to social media to vent their frustrations.
There has been another prosecution over the access of patient records without authorisation in the NHS.
The UK’s Information Commissioner’s Office (ICO) has fined and prosecuted Michelle Harrison, formerly employed by Milton Keynes Hospital Trust, for accessing patient records without authorisation. Harrison reportedly pleaded guilty to improperly accessing the records of 12 people without any need or authorisation to do so.
This prosecution is the latest in a long line the ICO has had to enforce against NHS staff accessing medical records when they shouldn’t be.
The ICO has completed a follow-up assessment of Dyfed Powys Police who signed an undertaking last year to improve their data protection compliance. The undertaking meant that the police force had to engage in force-wide data protection training and refresher training, as well as ensuring that training and monitoring was properly recorded to address non-compliance and ensure that security measures are in place to properly protect data.
The involvement of the ICO (Information Commissioner’s Office) – the UK’s data watchdog – was to ensure that Dyfed Powys Police were upholding their data protection responsibilities after a number of incidents had previously occurred.
read more
The Royal Borough of Kensington and Chelsea council has been fined £120,000 for an indeliberate data breach because the personal details of empty property owners in their constituency was published, contrary to data protection laws.
The Information Commissioner’s Office (ICO) has called it a “serious contravention” which has led to the huge fine being issued of £120,000.
According to the ICO reports, a Freedom of Information (FOI) request had been made in relation to the Grenfell Tower incident as part of research into social inequality, and it was this request that led to the accidental disclosure.
read more
Telecoms giant TalkTalk have been accused of continuing to neglect cybersecurity after a hacker contacted Sky news and reported website security flaws that had been left unfixed for years.
The news comes as little surprise to us as we continue to represent victims for previous TalkTalk cyber-hacks that were, in our view, entirely preventable.
According to the media reports from the end of March, the hacker found a simple scripting error that allowed him to take control of a TalkTalk.co.uk URL, and use it to trick customers that they were visiting a genuine TalkTalk website.
read more
Although many of us are grateful for the help and protection our police force provide us, they are not above the law; even when it comes to the Data Protection Act.
In fact, the police service is unfortunately at the centre of a large volume of data breaches, studies have confirmed.
As a victim of a police data breach you are entitled to claim for data protection compensation – just because it’s the police does not exempt them from legal action and in this case, you can see the weight of the law applied to one force in particular who were fined £130,000.00 for a huge data breach.
read more
Worryingly, the police occupy one of the top spots in terms of organisations at the centre of data breaches, data leaks and hacks. Victims whose data is compromised in a data protection breach deserve to be notified as soon as possible, but it’s not unheard of for an organisation to “hide” a data breach as opposed to facing up to it and dealing with it.
Reportedly, Gwent Police are to be investigated for doing just that.
News sources say that Gwent Police are being investigated for failing to inform hundreds of individuals that their data protection rights had been breached.
read more
EasyJet admits data of nine million hacked
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
