Tag: data leak
Arup, an international professional services firm, has reportedly suffered a recent data breach, after their third-party payroll provider succumbed to a cybersecurity incident.
The payroll information of current and former employees is understood to have been affected, with Arup contacting those whose details have been compromised. We cannot yet put a number on the scale of the breach but, based on the information disclosed to customers, the Arup data breach may have affected many of the company’s employees.
We have already begun taking on cases for affected claimants, who may be entitled to recover compensation for the exposure of their personal data. If you have been notified of your involvement in the Arup data breach, please do not hesitate to contact us for free, no-obligation advice on your potential compensation claim.
According to an article from HoldtheFrontPage, the Midlands News Association has recently suffered a data security incident that led to the publication of private details belonging to journalists.
This is understood to have included journalists who were employed by the newspaper as far back as 2011. It is believed that an unauthorised third party was able to access the data, and that they chose to post the stolen information online.
All data controllers have a legal responsibility to ensure that the data disclosed to them is stored and processed securely. If they ever fail to uphold this duty, they can be held to account under the law. If it is found to have breached data protection law, the Midlands News Association could be liable to pay compensation to those affected. Anyone who has been notified of their involvement in the data breach can contact us to make an enquiry about their potential compensation claim.
In the penultimate week of March, retail chain Fat Face reportedly sent an email to customers notifying them of a breach that had first been identified in mid-January. Reportedly sent to thousands of affected customers, the email revealed that private data had been accessed by an unauthorised user for a limited period of time. It has also been alleged that customers were told to keep the notification of the Fat Face data breach private, and that the company has allegedly paid a ransom to a cybercrime gang.
These claims have yet to be fully verified, but there are still several issues arising out of the Fat Face data breach. The company’s notification to customers appears to be delayed at best, which raises questions about whether Fat Face followed the correct data breach notification procedures. At this stage, we do not know, and we will need to find out.
In any case, the victims whose private information was exposed could now fall victim to data misuse. If it emerges that Fat Face was at fault, victims may be eligible to make compensation claims, and we are already taking claims forward for this incident.
Amey has joined the growing list of construction companies affected by hacks, after suffering the blow of a ransomware attack in mid-December last year. The Amey cyberattack reportedly exposed extensive company data, including information relating to employees and business transactions.
With much of the data being dumped on the hacker group’s leak site, the cyberattack has produced a substantial breach of company privacy that could significantly affect the operations of the infrastructure support service provider. As a giant of the industry, the Amey breach will likely raise concerns in the UK construction sector, with other companies worrying if they may be the next target.
Data Privacy Day 2021 was marked recently on the 28th January, the fifteenth time the day has been celebrated. Also called Data Protection Day in the UK and Europe, Data Privacy Day commemorates the signing of the first international treaty that was legally binding for governing data protection and privacy, named Convention 108.
After what had been another eventful year of data breaches in 2020, we believe it is important for all individuals and organisations to start 2021 with a positive, proactive approach to data protection. The commemorative day at the start of the year should be valuable in raising awareness about issues relating to data privacy, yet nothing ever seems to change as we continue to see breach after breach after breach.
At Your Lawyers – The Data Leak Lawyers – we aim to empower victims of data breaches to take action against those who have failed to protect their data, to ensure that the consequences of data breaches can be learned. We feel that it is the most proactive way forward given that no amount of legislation or commemorative days appear to be making the difference that is really required.
A data leak at work can be the worst nightmare of an employee, as the breach of privacy can feel incredibly exposing in a professional context.
It may also feel difficult to confront your employer about the damage that has been caused to you, particularly where the error of your colleague(s) has provoked the data breach, as this can make the aftermath a very difficult and stressful time.
All companies are required by law to ensure that they handle, process and store data according to the given data protection rules as set out in the GDPR. Even where a data protection error can seem innocuous, such as in an accidental email attachment, it can still constitute a breach of the GDPR. If you are an employee who has fallen prey to a data leak at a work, you may be entitled to claim compensation. We support victims of all kinds of data breaches to achieve the justice that they deserve, so contact us if you think you have a claim to make.
A report has revealed that a recent Birmingham City Council data breach incident has taken place after private information was mistakenly published online.
It is alleged that the exposed data included the details of “vulnerable children”, although this has reportedly been disputed by the local authority. The council said that a number of citizens were affected, but has yet to confirm just how many people were affected.
The Birmingham City Council data breach appears to be yet another example of the human error data breaches we have seen occur at local authorities time and time again. As advocates of data security, we believe that there is never an excuse for errors such as this, as everyone has the right to have their private data kept safe. In many cases, victims of data breaches can be eligible to claim compensation for any harm caused. This may also be a possibility for those affected by the breach at Birmingham City Council.
In what is continuing to be a common trend for local government authorities, the recent Blackpool Council data leak has seen the exposure of personal data belonging to hundreds of individuals.
The issue has been labelled as a so-called accidental “human error” incident. A data handling mistake reportedly resulted in the details of about 428 people being made public, when the data should have remained private.
Occurring within months of our coverage of the Hackney Council cyberattack and the Bristol City Council data leak, this breach unfortunately comes as no shock to us. It probably comes as no shock to anyone who has become familiar with recurring patterns of council data leaks in general. Inadequate data protection practices at so many local councils means that this is a nationwide problem. We are here to help anyone affected by data breaches like this, striving to win them the compensation they deserve.
For businesses with expanding opportunities and responsibilities, it often becomes necessary to hire external providers and suppliers to ensure the efficiency of company operations. Data leaks from outsourcing can unfortunately occur when these external providers lapse in protecting the information held by the company they work with.
However, when a data leak does arise, it is not acceptable for the affected company to simply shift the blame onto an external supplier or provider. Ultimately, the responsibility to protect the information of customers, members and employees falls on the organisation itself as a result of the legal duties that they must adhere to. Even in cases where an external provider caused the leak, the victims can still be eligible to claim compensation either way.
A constable at Derbyshire Police has recently faced a misconduct hearing over allegations of unlawfully accessing records of a police incident and then sharing a photo of the file with colleagues.
Although the officer’s actions contravened policing standards and data protection law, he has escaped dismissal and will be allowed to continue serving at Derbyshire Police.
Regardless of the verdict of the hearing, a breach such as this should never have occurred at all. Testaments to the officer’s reportedly “excellent” work as an officer do not erase his culpability for what has been regarded as an incredibly reckless action. As an organisation with access to extensive personal data, the police service has a vital duty to be rigorous in data protection and we should all feel safe that our information with them is secure. Our trust in the police should never be abused.