Category: Security
Ransomware healthcare attacks
The 2020 surge in ransomware healthcare attacks has highlighted how healthcare organisations have become more vulnerable to cyberattacks during the coronavirus pandemic. While many of us have turned to remote working over the past year, ransomware has long been a remote access tool for cybercriminals, allowing them to breach systems and take control of computer servers and machines from anywhere in the world.
In the UK, we constantly hear that our health service is constrained by limited resources, but few stop to consider the impact that this has on data privacy. Faced with outdated hardware and cybersecurity software in some cases, healthcare organisations could have poor defences against cyberattacks. They can be, therefore, risking the exposure of patient and employee data on a daily basis.
Every UK citizen has a right to have their personal information kept safe and secure by third-party organisations. This should mean that you may be entitled to claim compensation if your data has been exposed. For free, no-obligation advice, contact us today to talk to a member of our specialist data breach team.
Are too many organisations complacent about data protection?
Despite the fact that every consumer’s right to adequate data security is enshrined in law, it appears that too many organisations remain complacent about data protection.
A 2020 study by Kaspersky, reported by Security News Desk, reportedly found that 65% of IT security decision-makers agreed that their organisations were complacent about protecting customer data. Complacency and carelessness are unforgivable in this digital age, in which hackers are developing increasingly sophisticated ways of exposing personal data. In fact, organisations may be contributing to the rising tide of data breaches through their own negligence of established procedures and cybersecurity measures.
Your Lawyers – The Data Leak Lawyers – as leading data protection compensation solicitors, are here to support anyone who has fallen prey to the negligence of a third party. You can contact us for free, no-obligation advice if you think you have a data breach claim to make.
Careless approach to data protection – rights for victims
Despite the fact that there is extensive legislation designed to prevent data breaches, many organisations continue to have a careless approach to data protection.
In this digital age, in which consumers regularly disclose private data to third party companies online, it is unacceptable that many are neglecting their duty to protect this information.
We are always on the lookout for data leaks which show a carelessness on the part of the organisation, as this may mean that victims may be entitled to claim compensation for the exposure of their personal information. Unfortunately, many companies fail to realise that their data protection duties are equal to their responsibilities to deliver on the goods and services paid for by their customers. We believe that it is important to raise awareness of this widespread issue, and to make sure any victims can achieve justice for the effects of data breaches.
Arup data breach affects employee payroll information
Arup, an international professional services firm, has reportedly suffered a recent data breach, after their third-party payroll provider succumbed to a cybersecurity incident.
The payroll information of current and former employees is understood to have been affected, with Arup contacting those whose details have been compromised. We cannot yet put a number on the scale of the breach but, based on the information disclosed to customers, the Arup data breach may have affected many of the company’s employees.
We have already begun taking on cases for affected claimants, who may be entitled to recover compensation for the exposure of their personal data. If you have been notified of your involvement in the Arup data breach, please do not hesitate to contact us for free, no-obligation advice on your potential compensation claim.
Midlands News Association data breach exposes journalists’ private information
According to an article from HoldtheFrontPage, the Midlands News Association has recently suffered a data security incident that led to the publication of private details belonging to journalists.
This is understood to have included some of whom may have been employed by the newspaper as far back as 2011. It is believed that an unauthorised third party was able to access the data, and that they chose to post the stolen information online.
All data controllers have a legal responsibility to ensure that the data disclosed to them is stored and processed securely. If they ever fail to uphold this duty, they can be held to account under the law. If it is found to have breached data protection law, the Midlands News Association could be liable to pay compensation to those affected. Anyone who has been notified of their involvement in the data breach can contact us to make an enquiry about their potential compensation claim.
Fat Face data breach
In the penultimate week of March, retail chain Fat Face reportedly sent an email to customers notifying them of a breach that had first been identified in mid-January. Reportedly sent to thousands of affected customers, the email revealed that private data had been accessed by an unauthorised user for a limited period of time. It has also been alleged that customers were told to keep the notification of the Fat Face data breach private, and that the company has allegedly paid a ransom to a cybercrime gang.
These claims have yet to be fully verified, but there are still several issues arising out of the Fat Face data breach. The company’s notification to customers appears to be delayed at best, which raises questions about whether Fat Face followed the correct data breach notification procedures. At this stage, we do not know, and we will need to find out.
In any case, the victims whose private information was exposed could now fall victim to data misuse. If it emerges that Fat Face was at fault, victims may be eligible to make compensation claims, and we are already taking claims forward for this incident.
The Amey cyberattack- data breaches in the construction sector
Amey has joined the growing list of construction companies affected by hacks, after suffering the blow of a ransomware attack in mid-December last year. The Amey cyberattack reportedly exposed extensive company data, including information relating to employees and business transactions.
With much of the data being dumped on the hacker group’s leak site, the cyberattack has produced a substantial breach of company privacy that could significantly affect the operations of the infrastructure support service provider. As a giant of the industry, the Amey breach will likely raise concerns in the UK construction sector, with other companies worrying if they may be the next target.
Data Privacy Day 2021 – will we see future changes?
Data Privacy Day 2021 was marked recently on the 28th January, the fifteenth time the day has been celebrated. Also called Data Protection Day in the UK and Europe, Data Privacy Day commemorates the signing of the first international treaty that was legally binding for governing data protection and privacy, named Convention 108.
After what had been another eventful year of data breaches in 2020, we believe it is important for all individuals and organisations to start 2021 with a positive, proactive approach to data protection. The commemorative day at the start of the year should be valuable in raising awareness about issues relating to data privacy, yet nothing ever seems to change as we continue to see breach after breach after breach.
At Your Lawyers – The Data Leak Lawyers – we aim to empower victims of data breaches to take action against those who have failed to protect their data, to ensure that the consequences of data breaches can be learned. We feel that it is the most proactive way forward given that no amount of legislation or commemorative days appear to be making the difference that is really required.
Data leak at work – compensation advice
A data leak at work can be the worst nightmare of an employee, as the breach of privacy can feel incredibly exposing in a professional context.
It may also feel difficult to confront your employer about the damage that has been caused to you, particularly where the error of your colleague(s) has provoked the data breach, as this can make the aftermath a very difficult and stressful time.
All companies are required by law to ensure that they handle, process and store data according to the given data protection rules as set out in the GDPR. Even where a data protection error can seem innocuous, such as in an accidental email attachment, it can still constitute a breach of the GDPR. If you are an employee who has fallen prey to a data leak at a work, you may be entitled to claim compensation. We support victims of all kinds of data breaches to achieve the justice that they deserve, so contact us if you think you have a claim to make.
Arrest records lost in major police data error
A recent data handling error has left thousands of arrest records lost, after they were accidentally deleted from the Police National Computer (PNC).
The mistake represents an extremely severe blow to police operations, which could pose a threat to public safety. While initial statements set the number of lost records at 150,000, it has since been reported that as many as 400,000 crime records could be affected.
As one of our major national institutions, it is worrying to see that the police force has been hit by data loss of this scale. There is no room for such errors in an organisation responsible for protecting so much important information, which is one of its key weapons in detecting and arresting suspects.