Reading:
NurseryCam data breach
Share:

Data Leak Lawyers - Begin Your Data Breach Claim Today!

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

NurseryCam data breach

The recent NurseryCam data breach reportedly exposed the information of parents using the webcam service, which allows them to watch live footage of their kids at nursery.

Said to be in use across 40 nurseries in the UK, the company believes that the breach did not allow unauthorised users to view the webcam footage, but it nevertheless had the potential to cause a substantial violation of privacy had action not been taken quickly. It is currently unclear how many users of NurseryCam have been affected.

The news comes following a public dispute between NurseryCam and a cybersecurity expert, who had reportedly identified holes in the company’s defences prior to the data breach. As a result, the incident undoubtedly raises questions about the strength of the cybersecurity measures used by the company, and perhaps also the general attitude towards data protection among employees.

The NurseryCam data breach – what happened?

The NurseryCam data breach was first made apparent to the company on 19th February, with the issue being dealt with not long after. NurseryCam reportedly had no reason to believe that unauthorised viewers had watched the webcam footage, but the server was temporarily shut down as a sensible precaution.

A “loophole” in the systems was reportedly discovered by a third party, which was understood to be compromising the information stored for parents’ accounts. The affected details may have included names, username and passwords, as well as email addresses, all of which may have fallen into the hands of unknown people.

Ignored warnings and near misses

In a stroke of luck, it seems that the person who obtained the private data has no intention to misuse it, perhaps making this a “near miss” kind of affair. The company director of NurseryCam claims that the person who the data was exposed to has expressed that he means no harm. In addition, the consultant who previously complained of NurseryCam’s alleged system insecurities is understood to have been in contact with the hacker who reportedly showed him a redacted version of the data that had been stolen.

The consequences of the NurseryCam data breach may have been much worse if a hacker with malicious intentions had been involved, and still could be if someone goes against the promises allegedly made.

NurseryCam’s director states that the system’s flaws are unconnected to those which were previously alleged by the cybersecurity consultant. However, it is worrying that NurseryCam failed to locate the insecurities which caused the data breach in any event, and that the consultant appears to have been largely proven right in his concerns.

In many comparable data protection breach examples, UK consumers have suffered as a result of companies failing to act upon cybersecurity warnings. The Equifax data breach, for which we are currently representing clients in a group action, occurred when hackers took advantage of a known cybersecurity vulnerability which the company failed to patch up.

Claiming for a data protection breach

In the age of the GDPR, companies cannot get away with loopholes or flaws in their systems. They have a duty to implement and monitor cybersecurity measures effectively, just as they have a duty not to disclose private data without permission.

Incidents such as the NurseryCam data breach cannot simply be blamed on the technology, as data controllers are ultimately in charge of the upkeep of cybersecurity technology.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy
SRA
Contact
www.dataleaklawyers.co.uk is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon