Following a breach of Guntrader.uk, a website that leads in buying and selling of guns in the UK, it is understood that thousands of customers have had their names and addresses exposed. As a result of the Guntrader data breach, those who used the site may have reportedly had their personal information posted to the dark web.
The breach is particularly concerning given the safety risks of making the identities and potential whereabouts of gun owners known to potential criminals. As investigations continue, it is not yet clear how the data theft was allowed to occur. However, if it is found that Guntrader bears responsibility for the information exposure, it could be held liable for a breach of data protection law.
If you have been affected by the Guntrader data breach, we recommend that you come forward to seek legal advice, as there may be grounds for a compensation claim. It is always distressing to learn that your private information could be circulating in the public domain, so it is vital that any responsible parties are held accountable for the harm caused.
Despite looking up private police records without authorisation, a Detective Sergeant has recently evaded dismissal following a misconduct hearing. In the Northamptonshire detective data breach case, the Detective Sergeant reportedly looked up the details of a woman with whom he was engaging in an extra-marital relationship with at the time, who was involved in a case he was working on.
His actions reportedly amounted to misconduct, so the Northamptonshire Police appear to be sending mixed messages by not taking the matter any further. The police can, and often do, dismiss officers for similar offences, but this officer’s acceptance of the accusations against him, and his standing in the force, seem to have allowed him to avoid further consequences.
Police data breaches like this should be treated with the severity that they merit, taking account of the potential damage such actions can cause. Police services cannot afford to let employees off lightly for breaching data access regulations, as doing so could risk compromising the force’s reputation and its overall data security and integrity.
NHS CCTV cameras have reportedly been embroiled in a hack affecting security footage across the globe, after security company Verkada is understood to have been breached by hackers. It is said that live streams for as many as 150,000 Closed-Circuit Television (CCTV) cameras may have been viewed by unauthorised users.
Serving organisations include prisons, general businesses, schools and even psychiatric hospitals. The breach of Verkada’s cameras may have exposed the identities of many people working in, living in, or visiting affected institutions.
It is unclear exactly which feeds hackers may have viewed and what they gleaned from the footage, but it is nevertheless worrying to learn that a security firm has been subjected to such a wide-reaching breach. There is currently no evidence that any NHS camera feeds were viewed by hackers, but Verkada lists the NHS as one of its clients on the company website. Hackers have also claimed that they have been able to access the cameras of any of the affected organisations.
Recent coverage has revealed that action taken by bank employees and police prevented some £45m of fraud in 2020, saving customers from the loss of an average of almost £6,000 each. The figure is a testament to the success of the Banking Protocol scheme that encourages banks and the police to work together to protect consumers.
However, the huge £45m sum is also a sign of the scale of fraud in the UK. As leading, specialists in data protection law, we believe that the link between data breaches and fraud is a problem that needs to be addressed. When a third-party organisation fails to protect your personal information, it may be leaked into the hands of cybercriminals, who may attempt to steal from you via various kinds of manipulative scams.
We believe that it is essential that all data controllers are held to account when they fail to observe their legal duties. We have helped thousands of consumers to recover the compensation that they deserve, so we encourage any data breach victims to come forward for free, no-obligation advice on their potential claims.
A woman has recently reported receiving the coronavirus test result of another unknown woman, reportedly sent in a text message by the NHS. Not only did the text reveal the negative test status of the unknown woman, it is understood that it also listed her full name, birth date and the result of her test. The recipient of the message has expressed concern that such a data breach was allowed to occur, particularly given that she took a coronavirus test in early January.
Concerns about data privacy have been linked to the Test and Trace system since its beginnings, with several data breach incidents linked to the scheme, including a major error by Public Health Wales. It is concerning that data privacy has fallen short on occasions in the effort to control the Covid-19 outbreak, especially given that mistakes such as misdirected texts can be so easily avoided.
The Test and Trace system may be designed to protect public health, but that does not mean data breaches like this can go unnoticed.
In the worst cases, data breaches can involve highly sensitive information, compromising the privacy and safety of some of the most vulnerable people in our society. In particular, social services breaches often affect the most vulnerable victims, leaving them open to even more risks than they already face.
Generally run by local councils, social services offer support to their local communities, whether this is providing assistance for people with disabilities, running care homes, or setting up domestic abuse support groups. While social services are absolutely essential to ensuring the safety and well-being of the people under their care, this protection can break down when a data breach occurs.
Anyone who has been let down by a social services data breach may be able to claim compensation for the harm caused.
Although no formal incident has occurred, statements made by ex-employees have given rise to Amazon data breach concerns. Describing the attitudes to personal data, one of the former employees, who previously held high-profile positions, reportedly noted that Amazon is unaware if it is protecting information correctly. The coverage suggested that Amazon does not have a handle on the huge quantities of data it has aggregated, which is a worrying thought given the company’s status as one of the largest businesses in the world.
The insider perspectives provide no confirmation of breaches of data protection law, but it is nevertheless worrying to think that the concerns of security experts were reportedly dismissed during time spent at Amazon. As a leading international e-commerce company, million of users visit Amazon sites all the time.
Holding millions of customers’ information, the data protection responsibilities of Amazon are monumental. As such, if a breach were to occur, the effects could be devastating. As leading specialists in data breach claims, we want to see that all companies are taking their duties seriously, as we know how serious the repercussions can be for victims who have their information exposed.
In late February, it was revealed that some customers of energy company Npower had suffered hacks of their accounts via the customer app that affected its users’ private data. The company has not put a number on the victims affected, but it is believed that the attack took place in early February, after which those affected were notified of their involvement. It is currently understood that Npower is not to blame for the hack, with no evidence that the company has breached data protection law. We will outline how the hacks happened in this article. Nevertheless, those with hacked Npower accounts are at immediate risk of fraud, with criminals targeting accounts to try to break into them as opposed to successfully breaking into Npower’s own servers and systems.
As advocates of data security, we believe it is important to highlight the risks Npower app users have been exposed to, even where the company is found to not be at fault for what has happened. Even if you have not been affected by the cyberattack, it still offers a valuable lesson about the risks of data exposure and the actions we can take as individuals to protect our personal data, and how criminals can target accounts to break into them.
Since the onset of the Covid-19 pandemic, the risks to cybersecurity have been widely perceived as greater. Cybercriminals have been taking advantage of poor data protection methods whilst also enhancing their methods of attack. We cannot yet fully assess the impact of Covid on data protection right now, but we can examine the evolving threat levels and look at how consumer attitudes to data have changed over the course of the pandemic.
Awareness of data security has always varied from person to person. Your Lawyers – The Data Leak Lawyers – as leading specialists in data breach law, we believe that each person should know about their right to good data protection. In the event of a data breach, this knowledge can be essential in ensuring companies are held to account for their errors. We support thousands of people in their fight to recover compensation following data breaches, and we want to make sure the data protection errors made during the coronavirus pandemic do not go unnoticed.
Despite the growing threat of cybercrime, many people are still unaware of the risks posed to their personal data, and the damage that can be done when they fail to take action following a data breach. Many people may be familiar with the typical data breach notification emails that companies send out to affected victims, but some may not quite register how serious a data breach can be for the victims.
Your Lawyers – The Data Leak Lawyers – as leading specialists in data breach law, want to make sure that everyone knows their rights in the wake of a data breach, and is aware of how to avoid any consequent risks. We know that it can be hard to navigate the stressful aftermath period, particularly when the company at fault is seeking to escape all blame for the breach. As such, we want to offer people a simple guide to the steps you can take after a data breach.