Tag: employee breaches
Victims of a workplace data protection breach could be entitled to bring claims for compensation, and we will look at one such event involving Portland Business and Financial Solutions.
Given that employers and companies involved in employment matters often store and process particularly personal and sensitive data, the impact of a breach, leak or hack can be substantial.
Your Lawyers – as leading Data Leak Lawyers – represent thousands of people for privacy compensation claims. We have done so for over seven years, which is a lot longer than most other firms out there. With over £1m recovered just for mainly individual data victims to date, and over 50 group and multi-party data actions launched, we know what it means to be experts in this niche and complex area of law.
According to recent research, pension scheme data breach numbers have seen a significant increase in the past year or so. A study by Sackers, a specialist pension law firm, has reportedly highlighted fundamental data security issues in the industry, as the survey of businesses reportedly found that some 35% of trustees and employers had reported data breaches to their pension schemes.
The study comes not so long after the Now: Pensions data breach was revealed to the public at the end of 2020, which involved the exposure of approximately 30,000 customers’ private information. This is an action that we represent victims for on a No Win, No Fee basis.
The results of the study may lead to some much greater scrutiny of the pensions industry, and companies may need to reconsider their approach to data protection going forward. Our team here at Your Lawyers, as leading, specialist data breach lawyers, is concerned to see these figures.
In the modern digital world, it is rare that companies rely solely on their own internal IT capabilities to operate their computers and networks, instead engaging the services of IT companies to help them set up effective digital systems and often to provide good security for these systems. Even companies hired for the specific purpose of cybersecurity can neglect vulnerabilities. If this happens, an IT security company data breach may occur.
The element of third-party security risks can be one that companies overlook, but no data controller can evade its ultimate responsibility for a data breach. Whether the incident occurred due to a third-party provider or the company itself, those affected by data breaches could be eligible to claim compensation for any harm caused.
Whether you have sought out your own pension plan or you have been automatically registered on one by your employer, a significant portion of the working population is contributing to a pension plan. Pensions are perhaps not something we often think about in terms of a data security risk, but pension plan data breaches are capable of causing significant damage to those affected.
In fact, employers and pension providers often have to process and hold a variety of different details about employees meaning that, if such information is compromised, it can constitute a significant breach of the victims’ data privacy. Where pension companies or employers have failed to protect pension data, they may be liable to issue compensation pay-outs to those affected.
At Your Lawyers – the Data Leak Lawyers – as leading privacy claims experts we have been representing clients for data matters since 2014. Our experience in data breach claims means that we are well equipped to hold data controllers accountable for their negligence. We believe there is still too much complacency surrounding the importance of data protection, which is why we support data breach victims to ensure that they receive the compensation they deserve.
A misconduct hearing at Dyfed-Powys Police has reportedly told of a police officer misusing information for non-professional purposes.
The personal details in question are understood to have been taken when the officer fined a woman for a breach of Covid restrictions. If the special officer in question had not resigned before the hearing, he would likely have lost his job over the misuse of personal information.
As citizens, we have a right to trust that police officers use our information solely for the purposes of law enforcement. If they ever take advantage of the information, they have access to, it can constitute gross professional misconduct and a breach of data protection law. Anyone who has had their data exposed or misused by the police may be able to claim compensation for the harm caused.
Many fall into the trap of regarding human errors and cyberattacks as distinct causes of data breaches but, in many cases, they can be closely linked. In fact, human errors can leave data controllers vulnerable to cyberattacks. Where private information has been unjustly put at risk, the organisation responsible may have breached data protection law.
Unfortunately, third-party data controllers may try to blame their negligence on the increasing sophistication of cybercrime, but we believe that they must be held accountable for any mistakes. If you have fallen victim to a data breach as a result of the actions of a third party, you may be entitled to claim compensation for the harm caused.
Neither human errors nor cyberattacks should be brushed to the side as unfortunate accidents, and you deserve justice for the exposure of your personal data. Your Lawyers, as leading Data Leak Lawyers, are here to help you now.
A Chorley Council data breach has recently been reported after it was revealed that thousands of members of the public may have had their details exposed by the local authority. The incident appears to be yet another example of the damage that can be done to information security when employees make misjudgements.
Unfortunately, the incident at Chorley Council is only one in a long list of data breaches to have been caused by human error at local government bodies generally. Councils like Chorley should be striving to break with this trend, but there has unfortunately been little progress in terms of data protection it seems.
In the UK, all third-party data controllers are obliged to comply with the GDPR in their protection of the information that they hold and process. If they fail to do so, they can be held accountable, and those affected may have a right to make a compensation claim.
In many cases, data protection breaches arise as a result of human error. A CybSafe analysis of data breaches reported to the ICO found that 90% of UK data breaches in 2019 were caused by user mistakes. The employees responsible for cybersecurity would, therefore, seem to be failing to adhere to data protection law, but there is much more to it than that.
Despite the high incidence of human error, it is employers who bear the ultimate responsibility for upholding data protection at their companies. This can mean that, when a data breach occurs, organisations may be liable to pay compensation. If you have been affected by a data breach caused by an employee, you can still have every right to make a claim and recover compensation from the organisation as a whole.
Despite looking up private police records without authorisation, a Detective Sergeant has recently evaded dismissal following a misconduct hearing. In the Northamptonshire detective data breach case, the Detective Sergeant reportedly looked up the details of a woman with whom he was engaging in an extra-marital relationship with at the time, who was involved in a case he was working on.
His actions reportedly amounted to misconduct, so the Northamptonshire Police appear to be sending mixed messages by not taking the matter any further. The police can, and often do, dismiss officers for similar offences, but this officer’s acceptance of the accusations against him, and his standing in the force, seem to have allowed him to avoid further consequences.
Police data breaches like this should be treated with the severity that they merit, taking account of the potential damage such actions can cause. Police services cannot afford to let employees off lightly for breaching data access regulations, as doing so could risk compromising the force’s reputation and its overall data security and integrity.
In June 2018, the Shurgard data breach came to our attention, and we began to advise those affected by the incident. It was found that an internal error had led to personal information about employees being mistakenly shared, allegedly with all employees in the company.
It may seem that internal company data breaches are not as severe as those that provoke widespread public data exposure but, in fact, incidents such as these can be highly serious for those affected. Data protection errors must be avoided in all circumstances, as even the most basic of mistakes can have harmful implications.
All businesses and organisations in possession of personal data have a legal obligation to protect this information to the best of their abilities. Where they fail to meet this obligation, it can constitute a breach of data protection law. Those affected by the Shurgard data breach, or any other incident like this, may have a right to recover compensation for a data breach incident. To hear more about your potential right to claim, contact our specialist data breach team for free, no-obligation advice.