We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
Remote working has been a key security focus for some companies for a number of years, but the coronavirus pandemic has led to many more businesses adopting homeworking as a long-term practice. For some, remote working has longevity beyond social distancing restrictions. However, it can come with cybersecurity concerns, such that businesses must ensure they are effectively managing the risks of remote workers exposing data.
As well as the external cybersecurity threats to company servers, there is also a risk that undisciplined employees may make mistakes when they are no longer working in a controlled environment. Even the simplest of errors or oversights could allow sensitive information to become vulnerable.
Unfortunately, when the transition was made to remote working, some companies failed to make the cybersecurity adjustments required. Going forward, it is important that every company adapts their data protection strategies to the demands of remote working, or they may risk information exposure.
As patients, we trust that our data is held securely by healthcare organisations, and that medical professionals will only access and use our information when absolutely necessary. Unfortunately, hospital data snooping does occur, as some healthcare staff view patient information without authorisation or consent.
Whether intentional or unintentional, data snooping is a practice that all healthcare staff must steer clear of, particularly due to the sensitivity of medical records. It is understandably worrying for victims to learn that their information has been subjected to unauthorised access, as there could be malicious intent behind the user’s actions. When healthcare staff abuse or take advantage of their data access privileges in this way, it can constitute a breach of data protection law.
If you believe that your privacy has been violated in this way, you could be eligible to claim compensation for the harm caused. Contact us for free, no-obligation advice now if you think you may have a claim to make.
We are now two years on from the discovery of a mass snooping scandal in Greater Manchester involving Wrightington, Wigan and Leigh NHS Foundation Trust where the unauthorised access to medical records affected some 2,000 people.
We represent clients for cases in this serious abuse of access by what is understood to be more than one employee at the Trust in question. We represent clients for cases where their wider medical records were accessed during their treatment by people who did not need to access their data, and had no right or reason to. We have also been recommending that our clients check their medical records too as a number of inaccuracies have been identified also.
This all suggests that the practice of medical records data protection and organisation has been poor at the Wrightington, Wigan and Leigh NHS Foundation Trust. We continue to represent people for data breach compensation claims, and you can still join our group action for the mass snooping event. You can also speak to our team for free, no-obligation advice about general issues over unauthorised access to medical records as well.
Victims of a workplace data protection breach could be entitled to bring claims for compensation, and we will look at one such event involving Portland Business and Financial Solutions.
Given that employers and companies involved in employment matters often store and process particularly personal and sensitive data, the impact of a breach, leak or hack can be substantial.
Your Lawyers – as leading Data Leak Lawyers – represent thousands of people for privacy compensation claims. We have done so for over seven years, which is a lot longer than most other firms out there. With over £1m recovered just for mainly individual data victims to date, and over 50 group and multi-party data actions launched, we know what it means to be experts in this niche and complex area of law.
According to recent research, pension scheme data breach numbers have seen a significant increase in the past year or so. A study by Sackers, a specialist pension law firm, has reportedly highlighted fundamental data security issues in the industry, as the survey of businesses reportedly found that some 35% of trustees and employers had reported data breaches to their pension schemes.
The study comes not so long after the Now: Pensions data breach was revealed to the public at the end of 2020, which involved the exposure of approximately 30,000 customers’ private information. This is an action that we represent victims for on a No Win, No Fee basis.
The results of the study may lead to some much greater scrutiny of the pensions industry, and companies may need to reconsider their approach to data protection going forward. Our team here at Your Lawyers, as leading, specialist data breach lawyers, is concerned to see these figures.
In the modern digital world, it is rare that companies rely solely on their own internal IT capabilities to operate their computers and networks, instead engaging the services of IT companies to help them set up effective digital systems and often to provide good security for these systems. Even companies hired for the specific purpose of cybersecurity can neglect vulnerabilities. If this happens, an IT security company data breach may occur.
The element of third-party security risks can be one that companies overlook, but no data controller can evade its ultimate responsibility for a data breach. Whether the incident occurred due to a third-party provider or the company itself, those affected by data breaches could be eligible to claim compensation for any harm caused.
Whether you have sought out your own pension plan or you have been automatically registered on one by your employer, a significant portion of the working population is contributing to a pension plan. Pensions are perhaps not something we often think about in terms of a data security risk, but pension plan data breaches are capable of causing significant damage to those affected.
In fact, employers and pension providers often have to process and hold a variety of different details about employees meaning that, if such information is compromised, it can constitute a significant breach of the victims’ data privacy. Where pension companies or employers have failed to protect pension data, they may be liable to issue compensation pay-outs to those affected.
At Your Lawyers – the Data Leak Lawyers – as leading privacy claims experts we have been representing clients for data matters since 2014. Our experience in data breach claims means that we are well equipped to hold data controllers accountable for their negligence. We believe there is still too much complacency surrounding the importance of data protection, which is why we support data breach victims to ensure that they receive the compensation they deserve.
A misconduct hearing at Dyfed-Powys Police has reportedly told of a police officer misusing information for non-professional purposes.
The personal details in question are understood to have been taken when the officer fined a woman for a breach of Covid restrictions. If the special officer in question had not resigned before the hearing, he would likely have lost his job over the misuse of personal information.
As citizens, we have a right to trust that police officers use our information solely for the purposes of law enforcement. If they ever take advantage of the information, they have access to, it can constitute gross professional misconduct and a breach of data protection law. Anyone who has had their data exposed or misused by the police may be able to claim compensation for the harm caused.
Many fall into the trap of regarding human errors and cyberattacks as distinct causes of data breaches but, in many cases, they can be closely linked. In fact, human errors can leave data controllers vulnerable to cyberattacks. Where private information has been unjustly put at risk, the organisation responsible may have breached data protection law.
Unfortunately, third-party data controllers may try to blame their negligence on the increasing sophistication of cybercrime, but we believe that they must be held accountable for any mistakes. If you have fallen victim to a data breach as a result of the actions of a third party, you may be entitled to claim compensation for the harm caused.
Neither human errors nor cyberattacks should be brushed to the side as unfortunate accidents, and you deserve justice for the exposure of your personal data. Your Lawyers, as leading Data Leak Lawyers, are here to help you now.
A Chorley Council data breach has recently been reported after it was revealed that thousands of members of the public may have had their details exposed by the local authority. The incident appears to be yet another example of the damage that can be done to information security when employees make misjudgements.
Unfortunately, the incident at Chorley Council is only one in a long list of data breaches to have been caused by human error at local government bodies generally. Councils like Chorley should be striving to break with this trend, but there has unfortunately been little progress in terms of data protection it seems.
In the UK, all third-party data controllers are obliged to comply with the GDPR in their protection of the information that they hold and process. If they fail to do so, they can be held accountable, and those affected may have a right to make a compensation claim.
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.