Category: Ransomware
Cybersecurity month 2021 – how we help the victims
As we mark Cybersecurity month 2021 this October, we will talk about how we can help the victims of data breaches, leaks and hacks, and the important work that we do to hold organisations to account for data protection and privacy failures.
Victims of a data breach can be eligible to claim data breach compensation. Depending on how you have been affected by a breach, you could be eligible to receive thousands of pounds in data breach damages.
When it comes to what we do, our experience speaks for itself. Read on for more information.
Push payment fraud arising from data breaches
In the wake of data breaches, the exposure of personal information can make victims vulnerable to becoming the targets of scammers and fraudsters. Compromised contact details or bank account information could be used by cybercriminals to extract further personal information and money from the victims that they target. Push payment fraud is among the various types of crimes that data breach victims could be targeted with.
When we disclose our data to third-party organisations, we do so in the belief that they will do their utmost to protect it. However, too many data controllers fail to recognise the importance of data protection and fail to comply with the law. Even the most basic of security errors could cause victims to have their information made vulnerable to misuse by cybercriminals.
If you have fallen prey to push payment fraud following a data breach, you may be able to claim compensation for your involvement, and for the emotional and/or financial impact of the incident. To find out more, contact us for free, no-obligation advice on your potential data breach claim.
Steris data breach
Steris, a provider of a variety of medical products and services, has reportedly been found to have been impacted by a data security incident. The Steris data breach is understood to have been part of a wider cybersecurity attack that first came to public attention in December 2020, when Accellion, a technology company, reportedly suffered a hack.
As one of the many companies that pays to use Accellion’s FTA (File Transfer Appliance) to transfer files, Steris had private information when the FTA server was breached by external hackers. The list of companies affected by the Accellion hack has grown and grown in the months following the data breach, in what has become a highly convoluted incident for the company.
The Accellion incident demonstrates how harmful data breaches can be when they affect businesses that provide services to other businesses, creating a domino effect of data breaches. With the threat of such wide-reaching damage, it is essential that all businesses take action to ensure that they deploy appropriate security and protect the personal information in their possession.
Rising healthcare cyberattacks
On top of the Covid-19 pandemic, healthcare organisations across the globe have also had to contend with rising healthcare cyberattacks since the outbreak began. Cybercriminals, perceiving that attention was diverted to managing the virus, have perhaps seen the pandemic as an opportunity to target hospitals and healthcare organisations under strain. The need for strong cybersecurity in the NHS has, therefore, never been more urgent.
Unfortunately, the NHS has not been known for good cybersecurity and data protection measures in the past, having suffered a number of severe cyberattacks and data breaches in recent years. One of the most infamous incidents was the WannaCry ransomware attack of 2017, where the NHS was said to be more susceptible to this attack due to a failure to follow cybersecurity recommendations.
Even within the context of the Covid-19 pandemic, there is no excuse for poor data protection by healthcare organisations, and the government must step in where funding is an issue. It is vital that action is taken to tackle the short-term threat, as well as planning for the future of cyberattacks.
ForHousing and Liberty cyberattack
ForHousing and Liberty, two organisations within a social housing group based in Salford, have recently been hit by a cyberattack that may have resulted in data exposure. Part of the ForViva group, both ForHousing and Liberty were reportedly hit by a ransomware hack this July, potentially compromising what is said to be a small amount of information.
The ForViva group has sought to minimise the significance of the incident in its public statements, but breaches like these must not be so readily underestimated. When private information is exposed to cybercriminals, there can be serious repercussions for those affected, whose data may be misused for all kinds of manipulative and fraudulent purposes.
Your Lawyers – The Data Leak Lawyers – are leading specialists in privacy and data breach claims, having represented clients in this area of law since 2014. From our extensive experience of supporting clients, we know how worrying it can be to learn that you have become the victim of a cyberattack, which is why we are here to help those affected by incidents like these to claim the compensation they deserve.
Cybercriminals targeting medical data in attacks
Healthcare organisations hold a vast array of different data about their patients, most of which is highly private and sensitive. Confidential medical information should be safeguarded by the principle of doctor-patient confidentiality, as well as by strong data protection measures. Unfortunately, the number of cybercriminals targeting medical data appears to be on the rise around the globe.
With medical information a prime target, it is important that all healthcare organisations ensure that their systems are secure, and that employees abide by strict data protection procedures. However, in too many cases, there appears to be holes in the defences that put patient data at risk.
Any patient that has been made vulnerable to data misuse by the errors of a healthcare organisation may be able to claim compensation for the harm caused. If you think that you may have a claim to make, you can contact us for free, no-obligation advice on your potential compensation claim.
Human errors and cyberattacks – advice for victims
Many fall into the trap of regarding human errors and cyberattacks as distinct causes of data breaches but, in many cases, they can be closely linked. In fact, human errors can leave data controllers vulnerable to cyberattacks. Where private information has been unjustly put at risk, the organisation responsible may have breached data protection law.
Unfortunately, third-party data controllers may try to blame their negligence on the increasing sophistication of cybercrime, but we believe that they must be held accountable for any mistakes. If you have fallen victim to a data breach as a result of the actions of a third party, you may be entitled to claim compensation for the harm caused.
Neither human errors nor cyberattacks should be brushed to the side as unfortunate accidents, and you deserve justice for the exposure of your personal data. Your Lawyers, as leading Data Leak Lawyers, are here to help you now.
Redcar and Cleveland Council cyberattack
In February last year, it was revealed that Redcar and Cleveland Council had fallen prey to a cyber-attack, bringing many of its online resident services to a standstill for a prolonged period of time. Although systems were eventually repaired and services reinstated, the effects of the cyberattack are still being felt now, over a year after the attack, primarily in the huge financial toll it took on the council.
In fact, the government has been set to intervene to help the council with the funding, after millions of pounds were expended on the effort of rebuilding its systems. The prolonged recovery work raises questions about whether Redcar and Cleveland Council’s systems should have been stronger in order to defend against the attack in the first place, and whether the council had an attack response plan in place before they were hit.
This all shows how costly an attack can be, and why it is always so much better to take preventative action instead of an event taking place.
Banks reportedly prevented £45m of fraud in 2020
Recent coverage has revealed that action taken by bank employees and police prevented some £45m of fraud in 2020, saving customers from the loss of an average of almost £6,000 each. The figure is a testament to the success of the Banking Protocol scheme that encourages banks and the police to work together to protect consumers.
However, the huge £45m sum is also a sign of the scale of fraud in the UK. As leading, specialists in data protection law, we believe that the link between data breaches and fraud is a problem that needs to be addressed. When a third-party organisation fails to protect your personal information, it may be leaked into the hands of cybercriminals, who may attempt to steal from you via various kinds of manipulative scams.
We believe that it is essential that all data controllers are held to account when they fail to observe their legal duties. We have helped thousands of consumers to recover the compensation that they deserve, so we encourage any data breach victims to come forward for free, no-obligation advice on their potential claims.
Data for sale online
In today’s digital age, we give out so much of our personal information to third parties, whether it’s an online fashion store or a delivery giant, that many undervalue the risks of data disclosure. While entrusting your data to a third party should not be unsafe in any way, the dangers that can arise if that third party has poor cybersecurity and falls victim to a hack, following which the cybercriminals may put up the data for sale online, can be serious.
Even the smallest amount of information can be a powerful weapon in the arsenal of criminals. They can use this valuable resource for themselves or sell it on for profit, thus exposing the data to wider misuse.
The risks of data sale should never be underestimated, a fact that we are keen to highlight in our work as leading data protection lawyers. We advocate data breach victims who want to stand up for their right to proper data protection, so contact us to find out if you could be eligible for a compensation claim.