Reading:
Data breaches identified by third parties – what this means for victims
Share:
data breaches identified by

Data breaches identified by third parties – what this means for victims

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

For data breaches identified by third parties, what does this mean for the victim or victims, and what questions do we need to ask as part of a case?

Many of those that we represent are involved in cases and actions where the breach itself was revealed by someone other than the organisation that has committed the breach. In those sorts of cases, there are questions to be asked about how this is the case.

As a leading firm of data breach compensation lawyers, we may be able to help you.

Data breaches identified by third parties – what this means

Data breaches identified by third parties before the organisation that has committed the breach even knows about it can lead to added cause for concern. There shouldn’t be a breach in the first place but, when the incident itself is identified by someone other than the organisation affected, there are more questions to be asked.

The obvious one is why the organisation was unable to know that they had been breached in the first place. How was it that it took a third party to have to tell them that there is an issue?

We saw this in one of the major group actions that we are pursuing for our clients. In the case of the Virgin Media data leak, the exposed information was found by a third-party security researcher. This meant that the data had been left exposed for a period of ten months between April 2019 and February 2020.

In the context of a legal case for compensation, this can mean that there is a greater chance of success. If information has been left exposed for a long period of time and was not even identified by the organisation itself, this can demonstrate just how poor their approach is to information security.

There should be measures in place to prevent breaches but also to ensure that any risk or actual exposure of information is identified and rectified fast.

Are organisations being ignorant?

Sometimes, the damage from data breaches identified by security researchers, or even members of the public, could have been completely avoidable had warnings been heeded.

Many security researchers are constantly looking at the dark web, and when they see patterns or evidence that suggests a breach may have occurred, they will often notify the companies that may be involved. Unfortunately, not all of them take note; in fact, there has been suggestions in the past that many organisations are just ignoring the warnings that they receive. What they ought to be doing is taking steps to ensure that there has not been a breach, even if it just means being on the safe side.

In the Ticketmaster data breach compensation action that we represent clients for, it has been previously suggested that they were warned about the breach before it was discovered. It has been reported that Monzo Bank warned of the existence of the cyberattack in April before it was revealed two months later, basing their warnings on issues some of their customers had experienced.

Although after the fact, security researchers had suggested that the massive British Airways data breach event could have been avoided with a simple bug bounty costing as little as £10,000. It all shows that there is too little proactivity, and when data breaches identified by third parties are brought to the fore, it’s only right that more questions are asked.

Data breach rights enshrined in law

Data breach rights are enshrined in law. Victims can be entitled to claim compensation with us on a No Win, No Fee basis.

For free, no-obligation advice today, please don’t hesitate to contact the team here.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.Information on how we handle your data is available in our Privacy Policy.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

SRA
Contact
www.dataleaklawyers.co.uk is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon