Huge hack affects thousands of NHS staff

Huge hack affects thousands of NHS staff

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Thousands of NHS staff in Wales have had their private information stolen after hackers accessed their details through an IT contractor’s server.

The private information included:

  • Full names;
  • Dates of Birth;
  • National Insurance Numbers;
  • Radiation doses.

NHS Shocked

The Welsh NHS were shocked to find such a huge data breach that has affected thousands of their employees and affiliated health service staff. It’s suspected that some 4,766 staff had their private information stolen – equating to 3,423 current and former NHS staff in Wales; and 1,343 staff who work in private hospitals, dentists, and veterinary staff.

It’s thought that the data breach could also affect NHS services in England and Scotland.

Government and ICO aware

The Welsh Government and the Information Commissioners Office (ICO) are both aware of the breach and will be conducting thorough investigations. If the ICO finds that Landauer has been negligent in their security measures, the data protection enforcement authority can issue a fine of up to £500,000.

Staff who work in radiology – like conducting X-rays for patients – have a radiation dose meter badge that keeps track of how much radiation they’re exposed to. This information was reportedly stored and processed by the IT Company, Landauer.

One radiographer told the BBC:

“My life could be compromised at any time in the future, we just don’t know what the hackers will do with this. If they are clever, they won’t use it straight away. So I’m worried something can happen in 10, 5 years’ time. Even longer.”

Unknown future…

The nature of stolen data is that, in most cases, it can never be known for sure to what extent the data has been compromised; especially if it has been uploaded onto the internet. With the vast abyss that is the internet, the smallest bit of information can be spread far and wide. Anyone who comes into contact with information can become a data controller, and who knows what they may do with such information…

Data threats are everywhere

Security expert David Jones said that data breach threats are everywhere.

Hackers are getting more and more sophisticated with their methods, and catching them is extremely difficult. Therefore, companies and other data controllers must do all they can to protect the information they hold. This is not just a moral obligation – the Data Protection Act provides a legal obligation through a number of legal principles.

The NHS is not a stranger to these rules as they themselves have been fined previously by the ICO for their inadequate security measures.

In a bid to protect the affected staff from further damage, the current and former workers have been offered free identity theft support for a year. This offer doesn’t seem so generous when we consider the radiographer’s words above; that the information may not be used straight away. Unless the perpetrator is caught and all evidence of the compromised data is wiped, the affected victims could be worried for the rest of their lives that someone out there holds their private information over their heads indefinitely.

Delay in informing staff affected

The ICO are aware that there was a delay in informing affected staff of the breach. Quite often, breached companies or authorities will not inform affected staff or customers in efforts to try and avoid panic, or because they think the problem will be quickly resolved. This way of thinking is simply out-dated and must be changed as soon as possible. With every delay in notifying affected data leak victims, more opportunity can arise for the hackers to abuse the information they have stolen.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.Information on how we handle your data is available in our Privacy Policy.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon