Category: Technology
Ransomware healthcare attacks
The 2020 surge in ransomware healthcare attacks has highlighted how healthcare organisations have become more vulnerable to cyberattacks during the coronavirus pandemic. While many of us have turned to remote working over the past year, ransomware has long been a remote access tool for cybercriminals, allowing them to breach systems and take control of computer servers and machines from anywhere in the world.
In the UK, we constantly hear that our health service is constrained by limited resources, but few stop to consider the impact that this has on data privacy. Faced with outdated hardware and cybersecurity software in some cases, healthcare organisations could have poor defences against cyberattacks. They can be, therefore, risking the exposure of patient and employee data on a daily basis.
Every UK citizen has a right to have their personal information kept safe and secure by third-party organisations. This should mean that you may be entitled to claim compensation if your data has been exposed. For free, no-obligation advice, contact us today to talk to a member of our specialist data breach team.
Are too many organisations complacent about data protection?
Despite the fact that every consumer’s right to adequate data security is enshrined in law, it appears that too many organisations remain complacent about data protection.
A 2020 study by Kaspersky, reported by Security News Desk, reportedly found that 65% of IT security decision-makers agreed that their organisations were complacent about protecting customer data. Complacency and carelessness are unforgivable in this digital age, in which hackers are developing increasingly sophisticated ways of exposing personal data. In fact, organisations may be contributing to the rising tide of data breaches through their own negligence of established procedures and cybersecurity measures.
Your Lawyers – The Data Leak Lawyers – as leading data protection compensation solicitors, are here to support anyone who has fallen prey to the negligence of a third party. You can contact us for free, no-obligation advice if you think you have a data breach claim to make.
Careless approach to data protection – rights for victims
Despite the fact that there is extensive legislation designed to prevent data breaches, many organisations continue to have a careless approach to data protection.
In this digital age, in which consumers regularly disclose private data to third party companies online, it is unacceptable that many are neglecting their duty to protect this information.
We are always on the lookout for data leaks which show a carelessness on the part of the organisation, as this may mean that victims may be entitled to claim compensation for the exposure of their personal information. Unfortunately, many companies fail to realise that their data protection duties are equal to their responsibilities to deliver on the goods and services paid for by their customers. We believe that it is important to raise awareness of this widespread issue, and to make sure any victims can achieve justice for the effects of data breaches.
Arup data breach affects employee payroll information
Arup, an international professional services firm, has reportedly suffered a recent data breach, after their third-party payroll provider succumbed to a cybersecurity incident.
The payroll information of current and former employees is understood to have been affected, with Arup contacting those whose details have been compromised. We cannot yet put a number on the scale of the breach but, based on the information disclosed to customers, the Arup data breach may have affected many of the company’s employees.
We have already begun taking on cases for affected claimants, who may be entitled to recover compensation for the exposure of their personal data. If you have been notified of your involvement in the Arup data breach, please do not hesitate to contact us for free, no-obligation advice on your potential compensation claim.
Midlands News Association data breach exposes journalists’ private information
According to an article from HoldtheFrontPage, the Midlands News Association has recently suffered a data security incident that led to the publication of private details belonging to journalists.
This is understood to have included some of whom may have been employed by the newspaper as far back as 2011. It is believed that an unauthorised third party was able to access the data, and that they chose to post the stolen information online.
All data controllers have a legal responsibility to ensure that the data disclosed to them is stored and processed securely. If they ever fail to uphold this duty, they can be held to account under the law. If it is found to have breached data protection law, the Midlands News Association could be liable to pay compensation to those affected. Anyone who has been notified of their involvement in the data breach can contact us to make an enquiry about their potential compensation claim.
Fat Face data breach
In the penultimate week of March, retail chain Fat Face reportedly sent an email to customers notifying them of a breach that had first been identified in mid-January. Reportedly sent to thousands of affected customers, the email revealed that private data had been accessed by an unauthorised user for a limited period of time. It has also been alleged that customers were told to keep the notification of the Fat Face data breach private, and that the company has allegedly paid a ransom to a cybercrime gang.
These claims have yet to be fully verified, but there are still several issues arising out of the Fat Face data breach. The company’s notification to customers appears to be delayed at best, which raises questions about whether Fat Face followed the correct data breach notification procedures. At this stage, we do not know, and we will need to find out.
In any case, the victims whose private information was exposed could now fall victim to data misuse. If it emerges that Fat Face was at fault, victims may be eligible to make compensation claims, and we are already taking claims forward for this incident.
Arrest records lost in major police data error
A recent data handling error has left thousands of arrest records lost, after they were accidentally deleted from the Police National Computer (PNC).
The mistake represents an extremely severe blow to police operations, which could pose a threat to public safety. While initial statements set the number of lost records at 150,000, it has since been reported that as many as 400,000 crime records could be affected.
As one of our major national institutions, it is worrying to see that the police force has been hit by data loss of this scale. There is no room for such errors in an organisation responsible for protecting so much important information, which is one of its key weapons in detecting and arresting suspects.
Victims held to ransom by cybercriminals
Cyberattacks can be a common reason for the occurrence of data breaches, as criminals often target company databases to gain access to huge swathes of information. There is one type of attack that is particularly malicious in nature: when databases with highly sensitive data are hacked and the victims are held to ransom by cybercriminals, perhaps seeking payment in return for a vow that they will not misuse or publish the information.
These can sometimes be empty promises, placing the victims in danger whether they choose to pay up or reject the ransom. Unfortunately, poor data security of some organisations can often be the reason as to why victims end up in this defenseless position in the first place, as weaknesses in their systems could allow cybercriminals to break through.
If you have been put in a precarious situation due to a ransomware attack, we are here to advise you on your potential right to claim data breach compensation from those responsible for negligence.
East Devon Council password data leak
In a serious misstep at East Devon Council, the passwords of 37 council members were reportedly exposed online to other councillors, leaving private email inboxes potentially vulnerable to unauthorised access.
The error was quickly corrected, with affected councillors resetting their passwords. However, the period of vulnerability could have caused leaks of confidential information, which is why this is a serious matter.
Despite local authorities’ important responsibility to their communities and residents, we see data breaches happening far too frequently at local councils, suggesting that many are still failing to take their data protection duties seriously. At Your Lawyers – The Data Leak Lawyers – we believe that failures when it comes to data protection law justifies legal action, as many of these local authorities need to develop more rigorous data protection measures to protect people’s information. Where they fail to do so, we are here to help.
Data breaches and payment card fraud
It is unsurprising that bank account information and credit or debit card details are among the most sought-after types of data for cybercriminals. This is due to financial motives many hackers have when they carry out cybercrimes. Payment card fraud is, therefore, one of the most significant risks of data breaches, and can occur in many different ways.
If fraudsters gain access to your money, it can be very difficult to recover stolen funds directly. At Your Lawyers – The Data Leak Lawyers – we aim to hold the other guilty party to account in data breach cases, as a leading firm of data breach solicitors. In many instances, it is not just the criminal who is responsible for a data breach, but a third-party organisation may also be at fault if they failed to sufficiently protect personal data, and that is how criminals gained access to the details for you.