Tag: email leaks
Posted by Matthew on December 27, 2018 in the following categories: Cybersecurity Latest Mobile Data Smartphones Technology and tagged with email leaks | online security | personal data | phishing scams
Without even knowing it, your emails may be being read by companies, and you may feel that this is a Gmail data breach.
The recent admission by Google that they’ve been allowing companies to scan emails is a worrying one. App developers are reportedly able to access data in Gmail mailboxes to use it for marketing purposes. Even employees were manually reading mailboxes in order to train AI software to then do it for them.
If this applies to you, whether this can be classed as a Gmail data breach or not is apparently open for debate.
The Cornwall Council data breach was yet another email blunder where addresses and personal information was not masked in a mailshot
In the breach, an email about disabled children was sent to over 150 people relating to their max card scheme. The max card scheme is a scheme for discounts for foster families and families with disabled children.
In yet another email breach, the personal data and email addresses in the mailshot were exposed. Neither the BCC function or a mailing platform had been used to avoid the data breach. It may attract a GDPR-style fine given it took place after the new rules came into force.
The Hastings Council data breach on the eve of the GDPR coming into force showed just how easy the human error element is.
The irony was that the breach involved an email being sent out with an opt-in or opt-out offer for compliance with the new GDPR. They sent the email on the eve of the new rules coming into force. It all seemed very sensible.
That was until it was realised that all the recipients’ information was visible to each other. Yes, that’s right. A GDPR information email was sent out that breached data protection rules itself. It was another simple case of avoidable human error.
You may be entitled to claim compensation as a victim of a council email breach, and our Data Leak Lawyers are here to help you.
A number of council email breaches have taken place over the years, and they can often happen by human error or software problems. Whatever the cause, they are often seen as systemic issues that can be easily resolvable, meaning the breaches should never have happened in the first place. For this reason, depending on the data breached, victims can be entitled to claim for data breach compensation.
The ICO has issued a fine for the IICSA data breach that took place last year. The fine amounts to £200,000.00 given the sensitive nature of the data involved in the breach.
The ICO (Information Commissioner’s Office) said last month that, “This incident placed vulnerable people at risk, which is concerning. IICSA should and could have done more to ensure this did not happen.”
The IICSA data breach was another scenario of a simple but very avoidable data breach that has ultimately led to incredibly sensitive and personal information being exposed.
Lessons learned: the university that came under fire for leaking sensitive and confidential data on its students
The University of East Anglia (UEA) was met with anger and disappointment from students and the general public when it was revealed that a member of staff made a horrific error when they sent out a spreadsheet listing named students’ extenuating circumstances. The spreadsheet identified some 40 students by name and student ID numbers, and had their private and confidential information right next to their names.
The spreadsheet showed which students were entitled to things like longer deadlines as their extenuating circumstances included personal matters such as family illnesses and bereavements; mental health problems, including depression; and even sexual assaults.
Corporate finance firm Deloitte disclosed a data breach that compromised its internal emailing system, but apparently the breach only affected a “very few” clients.
Those “very few” clients may be not-so impressed with, what appears to be, the company’s attempts to shrug the data breach off as less-than serious just because a small minority of clients were affected.
The company ironically recently rolled out its Cyber Risk Services and even received applause for its growth in cyber intelligence. This kind of breach for a firm of this nature – much like the Equifax breach – is incredibly worrying.
West Sussex County Council apologises for data breach in inviting business owners to cybersecurity event
West Sussex County Council has apologised to numerous business owners for an ironic data breach that occurred in the process of inviting them to a cybersecurity event.
Located in Chichester, the Council sent an invite to some 200 individuals’ email addresses but used the wrong ‘blind carbon copy’ option, revealing the recipients’ email addresses to each other.
It’s a common form of breach – one that has had grave consequences in other cases, like that of the 56 Dean Street Clinic we are helping people claim for when they revealed the personal details of patients using the clinic for HIV services.
A ‘spambot’ named Onliner has reportedly collected personal information tied to 711 million email addresses and dumped them on a server.
The spambot was designed to infect devices, spreading malicious software that could steal valuable personal information, as well as discharge viruses and spam/junk emails. Spam emails are not only a nuisance but they often carry phishing software; enticing users to click on seemingly harmless links that hide further malware. From there, cybercriminals can trick users into revealing more information, and sometimes bank details directly, as well as taking control of computers.
The Information Commissioner’s Office (ICO) is investigating Newcastle City Council after a data breach exposed the personal information of adopted children.
The north-eastern council has recently come under fire for the breach that saw the personal information of 2,743 adopted children – information which included sensitive data about the children, and included data on parents, social workers and former adoptees – sent out in an email by mistake.