Welcome To The Data Leak Lawyers Blog

Indian telecom operator warns businesses of the “real threat” of data breaches.

New Delhi based telecom operator Bharti Airtel has spoken out about the “real threat” data breaches cause to businesses and organisations.

The company say it prides itself in taking cyber security and customer privacy “very seriously”, India’s economic times reports. Airtel’s comments were prompted by a recent data breach that reportedly exposed an internet and telecom provider’s customer database, which may have been accessed by an unauthorised third party who uploaded the stolen information on an independent website called Magicapk.

This is relevant for us to keep an eye on here in the U.K. Data breaches abroad can affect us here too, and we know a lot of organisations outsource to countries like India. These worries should be at the forefront of all our minds.
read more

By Author

U.S. Congress struggle to come to a consensus on data breach reporting

They may not be the only ones given data breaches are increasing over here in the U.K. too; so will we follow suit?

There is no doubt that cyber-security is one of the top concerns for the developed world. In an age where almost everything is digitalised and connected to the internet, cybercriminals have the power to bankrupt a multi-billion dollar business enterprise, collapse global organisations and even cause untold chaos to governments.

Legislative governments across the world are having to vote in new laws and regulations to defend against cybercrime. Now, the U.S. Congress are coming up with all sorts of ideas on how best to combat cybercrime, including the best procedures for reporting data breaches.
read more

By Author

Is “military-grade” cyber-security required to combat data breaches?

Data breaches are at an ‘all-time high’. In this modern world where most things are done electronically and are connected to the internet, without sufficient cyber-security, our data is exposed to cybercriminals who can steal our money, spread our personal information around, and wreak havoc with our identities.

Whilst many encourage development of new applications and innovative software to help us share information at a click of a button, and pay our bills with a swipe of a finger, cyber-security is falling behind.

With the growing trend of breaches, what can we do to fully protect ourselves? Do we all need “military-grade” protection like our armed forced and government intelligence agencies do?
read more

By Author

Google employees fall victim to data breach

A number of employees at Google have been warned that some of their personal information may have been compromised because of a third party data breach.

Sabre Hospitality Solutions is a platform allowing users to plan trips and book hotels through their site. Sabre developed the SynXis Central Reservation System to allow guests, hotels and travel agencies from all over the world to book travel and accommodation through the unified service.

Google uses Calson Wagonlit Travel as the middle-man to arrange work-related trips for its employees. Unfortunately, Sabre’s database was hacked, meaning personal information belonging to Google’s recently travelled employees may have been compromised.
read more

By Author

Data breaches are costly: not just financially but they impact seriously on consumer confidence

Data breaches have become the talk of the town in the privacy world for decades. The apparent lax attitude of some companies and organisations appears to have resulted in data breach costs soaring.

The 2016 Cost of Data Breach Study, undertaken by Ponemon and IBM, found that the average total cost of a data breach increased from £2.37 million in 2014 to £2.53 million in 2015.

And we can only see it growing and growing…
read more

By Author

Gloucester City Council fined £100,000 for “allowing” Heartbleed cyber-attack

Gloucester City Council have let down employees after cyber-attackers accessed their personal details. The Information Commissioner’s Office (ICO) has imposed a monetary penalty of £100,000 for their reportedly lax attitude.

On 7^th April 2014, there was the vulnerability known as ‘Heartbleed’ which gathered huge media attention. The vulnerability was quickly addressed as the affected software (‘OpenSSL’) was released which fixed the vulnerability. Unfortunately, the vulnerability was overlooked as Gloucester City Council was in the process of outsourcing its IT services to a third party company on 1^st May 2014.
read more

By Author

Indiana Medicaid data breach may affect an “undisclosed” number of patients

Medicaid was started in the U.S to help families and individuals who struggle to pay for medical care. The social healthcare program is run by the government and provides financially limited people with free health insurance.

As we know, organisations like this are just as vulnerable as others to data breaches, data leaks, and cyber hacks.

In this instance, patient data was reportedly accidentally made live through a hyperlink (internet web link). The hyperlink was publicly accessible, meaning anyone who clicked on it could see the medical information contained on it.
read more

By Author

2017: The year of the healthcare data breaches!

Health data breaches have seen an unprecedented rise in recent times. Overwhelmed and untrained healthcare administrators appear to be making simple errors in some cases, and as a result, millions of people are at risk of their personal information being released.

On top of this, cyber criminals are targeting hospitals, GP practices and University health research facilities to steal and hold medical data for ransom. In the ever-advancing digital world, our cyber security measures are failing to keep up, and it seems like the healthcare sector still remains way off the mark.
read more

By Author

Recent ICO data security incident trends

A data breach is the intentional or unintentional release of secure or private/confidential data by, say, employees, cyber-hackers, political activists or national governments.

The Information Commissioner’s Office (ICO) is the U.K.’s independent privacy watchdog who have the responsibility of upholding information rights for the benefit of the public interest. Though there isn’t a legal responsibility on companies and/or organisations to report all data security breaches, it’s considered good practice to do so.

Here’s a look at some of the recent data security incident trends from the ICO.
read more

By Author

Morrisons fined £10,500 for breaching data privacy rights

The 4^th largest supermarket chain in the U.K. has been fined by the Information Commissioner’s Office (‘ICO’) for breaking data protection laws in regards to how personal information is being used when sending marketing emails.

The ICO undertook an investigation into the supermarket chain after allegations were made by an individual that WM Morrison Supermarkets PLC (‘Morrisons’) were sending emails that customers had previously opted out of.

The Commissioner wrote to Morrisons on 28^th November 2016 notifying them of the complaint made against them.
read more

By Author