Welcome To The Data Leak Lawyers Blog
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
A hefty fine has been issued over the 2016 Uber cyber attack as a result of security flaws that could have prevented the breach in the first place.
The data for some 2.7m Uber customers in the UK was compromised, as were the records for over 80,000 drivers. The fine, issued by the ICO (Information Commissioner’s Office), is small in comparison to potential GDPR fines. This is because the cyber attack took place in 2016 before the new rules came into force.
Had the cyber attack have happened this year, Uber could have faced fines in the millions.
An Amazon data breach incident took place in the lead up to the big Black Friday sales a few weeks ago.
The incident reportedly stemmed from a technical problem.
In the data protection breach, customer names and email addresses were inadvertently posted on the company’s website. They were removed upon discovery of the error, and customers affected by the data breach have been informed.
The Information Commissioner’s Office (ICO) is said to be looking into the situation.
There are questions that remain unanswered following the Dell data breach incident that took place last month.
It’s still not fully clear as to whether any data was taken. If it was, whose data was exposed, and how much of it was exposed? It has been suggested that all Dell customers ought to change their password just in case, and they should also remain vigilant. The data breach activity that was detected in November identified an attempt to steal customer information. All that’s known is that it’s possible some data was taken.
This was another high-profile data breach, and another where a reactive approach as opposed to a proactive approach appears to have been taken. read more
The massive November 2016 Tesco data breach has led to a ground-breaking fine issued in the sum of £16.4m.
The fine has been issued by the Financial Conduct Authority (FCA). It’s understood that this is the first time that the FCA has issued a fine for an online fraud incident.
The level of the fine is thought to reflect the severity of the Tesco data breach. This was an avoidable incident that arose from Tesco’s lax security. The incident led to customers of Tesco Bank losing millions of pounds in stolen funds.
The Plusnet data breach that was revealed in September 2018 was another example of a system update that went horribly wrong.
During the process of the internet provider updating its billing system, a data breach incident occurred. The issue led to a number of customers being able to view the personal data for other customers instead of their own.
The Plusnet data breach is practically the same as the huge TSB bank software issue from earlier this year. When they updated their systems, customers were able to see the banking details for other customer. Some were even able to transfer money and make payments.
A Bupa data breach has led to a significant fine from regulators in the sum of £175,000.00 after 198 complaints were made.
The breach period occurred between January and March 2017, meaning it has not attracted a GDPR fine. However, a large fine was levied because Bupa were found to have failed to take enough action to protect their customers’ data.
It has also transpired that customer data was vulnerable at the time of the initial data breach. This stemmed from a lack of monitoring of their customer relationship management system, known as SWAN.
According to some recent and rather worrying research, the question as to who is responsible for data protection is that it’s a HR problem, some executives say.
According to a spread of UK executives who were asked about where the responsibilities are in terms of compromised credentials, like stolen or misused passwords, it’s a HR training issue.
It’s understood that one-fifth of respondents placed the responsibility in the hands of HR departments, with close to a thousand executives questioned. Some respondents also considered compromised credentials and weak passwords as very little risk to the business as well.
There are suggestions that mobile phone data protection is lagging behind as a result of security immaturity and attitudes toward mobile safety.
The smartphone industry in particular has grown exponentially in recent years, and with more than half of the internet’s traffic thought to be on mobile devices, and with mobile apps springing up all the time, some experts are concerned at the lack of maturity mobile phone data protection has when compared to desktop protection.
Does security and attitudes need to change?
The year of 2017 saw a monumental 2.7 BILLIION data records compromised around the world as a result of data breaches and data hacks, estimates say.
This overall estimated figure of data records compromised is terrifying, with the UK reportedly in second place (behind the US) when it comes to the league table of breaches around the world.
They really are happening all the time and all over the place, and figures suggest that numbers have almost doubled in the UK from 2016 to 2017.
Cybersecurity is not a priority for most businesses in the UK, results from recent research has indicated.
Despite us being in a time where the importance of cybersecurity has never been more prevalent, businesses are still not showing the respect to cybersecurity that it deserves. In fact, recent research suggested that just 10pc of UK businesses see cybersecurity as their biggest challenge to economic success, despite 2018 being the big year of the GDPR changes.
With the Information Commissioner’s Office (ICO) now having the power to fine data breach offenders up to £17m, how cybersecurity is not a priority is incredibly baffling.
EasyJet admits data of nine million hacked
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
