In the summer of 2021, it was reported that a UK-based cake maker and retailer had suffered a hack in which customer information was reportedly compromised. The Cake Box data breach was said to have been discovered in 2020, at which point they alerted the affected customers, but the incident appears to have only come to more mainstream media attention earlier this year.
As a company that could hold significant quantities of customer data, the UK cake store chain may have been seen as a valuable target for the attackers. As with all cyberattacks, the data breach raises questions about the strength of the defences that Cake Box had in place, and whether or not the company did all it could to protect customer data. But it also serves to show that any retailer can be a target, and this is something that all organisations must take heed of. And, given how it happened, it also serves as a reminder as to how retailers can be targeted in various ways.
When a data breach occurs, victims can often feel powerless, but we can assure you that it is possible to take action against those responsible. If your data security has been compromised by a third party, you may be eligible for a compensation claim, and we can offer free, no-obligation advice about your case.
It may be the most wonderful time of the year for all the right reasons, but the festive season, and the weeks leading up to it, can be a hotbed for privacy events that could entitle you to pursue a retail data breach claim.
Unfortunately, hackers and scammers do exploit this time of the year when they know that retailers will often be very busy, and when they know that online shopping can reach its peaks. It is the ideal time for criminals to exploit people, and a successful cyberattack could see thousands – even millions – of people affected. As such, we all need to be careful, and we all need to watch out for hackers and scammers.
It will have been hard to miss the major news that hit the mainstream media over the last couple of weeks. The latest Tesco cyberattack appears to have now concluded, and the news so far looks to suggest that it was a near-miss event.
Hopefully, this will mean that no one will have to endure their personal information being misused or exposed. Anyone who is the victim of a data breach can be entitled to claim compensation for the loss of control of their personal information if this happens.
Both online retailers and high street retailers can deal with thousands upon thousands of transactions every day. With so many payment details taken and recorded on their systems, it is unsurprising that retailers are prime targets for cybercriminals. However, where businesses fail to act against this external threat, they can bear at least part of the responsibility for retail data breach compensation claims.
When exposed, the personal information held by retailers can be at high risk, exposing victims to theft and fraud. Moreover, the emotional impact of such incidents can be severe, causing those affected to suffer significant stress and worry.
Customers should be valued not neglected, which is why it is unforgivable when retailers fail to properly protect the private information that has been disclosed to them. If a third party is found to be responsible for a data breach that affected you, you could be eligible to recover thousands of pounds in damages as part of a data breach compensation claim. We can advise you on a no-obligation basis if you think you may have a claim to make.
Even before the popularity of online shopping, it was possible for customers to fall victim to data misuse, with criminals carrying out hacks of card machines to gain access to payment details. Now, with online shopping on a constant upturn, many of us share our personal information with third-party companies on a regular basis online. If these companies fail to protect our information, we can fall prey to retail data breaches.
In fact, because of the wealth of card data held by retailers, they are a prime target for cybercriminals. Online retailers were arguably put at an increased risk during the past year’s lockdown periods, during which many people turned to online shopping to make their purchases, a fact that fraudsters were all too aware of.
Regardless of the potential increase in cybercrime, the data controllers themselves can bear the responsibility when a data breach does occur. Retailers have a legal obligation to protect personal information, and when they fail in this duty, they could be liable to pay thousands of pounds in compensation when victims make a data breach claim.
Although no formal incident has occurred, statements made by ex-employees have given rise to Amazon data breach concerns. Describing the attitudes to personal data, one of the former employees, who previously held high-profile positions, reportedly noted that Amazon is unaware if it is protecting information correctly. The coverage suggested that Amazon does not have a handle on the huge quantities of data it has aggregated, which is a worrying thought given the company’s status as one of the largest businesses in the world.
The insider perspectives provide no confirmation of breaches of data protection law, but it is nevertheless worrying to think that the concerns of security experts were reportedly dismissed during time spent at Amazon. As a leading international e-commerce company, million of users visit Amazon sites all the time.
Holding millions of customers’ information, the data protection responsibilities of Amazon are monumental. As such, if a breach were to occur, the effects could be devastating. As leading specialists in data breach claims, we want to see that all companies are taking their duties seriously, as we know how serious the repercussions can be for victims who have their information exposed.
In April last year, we began taking on cases for victims affected by the Robert Dyas data breach, which resulted in the exposure of affected customers’ personal and financial information.
Affected victims have been contacted in relation to the breach, and we want to remind anyone who has yet to claim that they may be entitled to receive compensation for the harm caused.
The hack affecting hardware retail company Robert Dyas occurred around the time its stores were closed in response to the first UK lockdown, when customers began turning to online sales. It seems that the cybercriminals involved were keen to capitalise on the increased traffic to the online store, during a period in which Robert Dyas had to limit transactions to £50 as a result of the overwhelming influx of purchases.
In the penultimate week of March, retail chain Fat Face reportedly sent an email to customers notifying them of a breach that had first been identified in mid-January. Reportedly sent to thousands of affected customers, the email revealed that private data had been accessed by an unauthorised user for a limited period of time. It has also been alleged that customers were told to keep the notification of the Fat Face data breach private, and that the company has allegedly paid a ransom to a cybercrime gang.
These claims have yet to be fully verified, but there are still several issues arising out of the Fat Face data breach. The company’s notification to customers appears to be delayed at best, which raises questions about whether Fat Face followed the correct data breach notification procedures. At this stage, we do not know, and we will need to find out.
In any case, the victims whose private information was exposed could now fall victim to data misuse. If it emerges that Fat Face was at fault, victims may be eligible to make compensation claims, and we are already taking claims forward for this incident.
In September, a study by Finder reportedly found that online shopping scams had increased by over a third in the first half of 2020.
The national lockdowns resulting from the Covid-19 pandemic have frequently been singled out as the reason for this notable rise in cases, which comes as no surprise. As such, it is also unsurprising that further waves of online shopping scams may continue as we enter the second month of the latest national lockdown in England.
Indeed, the figures in the Finder report suggested that online shopping and auction scams accounted for around two-thirds of fraud reported by consumers in 2020. Clearly, the threat of online shopping scams cannot be underestimated.
In the UK last year, the coronavirus pandemic caused us to lead more and more of both our personal and professional lives online. As such, the risk of fraud from data breaches has heightened.
In 2020, The Daily Express reported that one in five people (equating to around 11 million) had their data hacked, and one in three reported that they are unequipped to protect their online data. This is a shocking number of victims which, in our view, is indicative of a national crisis in cybercrime. It undoubtedly reveals that large-scale action needs to be taken.
Indeed, the shocking nature of such statistics is part of the problem, as experts (ourselves included) cite low awareness as a key reason why the number of victims has been allowed to reach this horrifying height. The vice-president of Clario, the body which compiled the research in association with thinktank Demos, highlighted that victims seem to “think they should suffer in silence”.