First published by Matthew on January 07, 2020 in the following categories: Claims GDPR ICO Latest Security and tagged with data breach | data controllers | data leak | gdpr | ico | medical records | personal data
It’s official: the first GDPR fine in the UK has been issued to Doorstep Dispensaree for data protection breaches that spanned across a two-year period.
This one involves medical data, which is some of the most personal and sensitive forms of data that there is. Medical data breach compensation claims account for a large proportion of the legal cases that we take forward because of how common they can be, and because of the impact on victims. The impact is often severe because this is the kind of information that we do not want to be misused or exposed.
The breach period, in this case, is between June 2016 and June 2018, which means that it just falls within the GDPR start period from May 2018. The Information Commissioner’s Office (ICO) was reportedly alerted to the breach by the Medicines and Healthcare Products Regulatory Agency (MHRA) who were conducting unrelated enquiries.
First published by Matthew on December 18, 2019 in the following categories: Claims Cybersecurity GDPR Group Action Hacking News Latest Security and tagged with compensation | cyber attack | cyber crime | cybersecurity | database security | gdpr | Group Action | personal data
The Missoma data breach has a very familiar feel to it. In fact, it feels identical to a number of previous breaches, including compensation actions we’re involved with.
Reportedly, an email sent to customers has confirmed that a data breach has taken place and that malicious software from a third-party had been used to target customers’ payment details. It appears that malicious code has been injected into the payments part of the website in order to steal data processed through it.
Although news of the breach has only just broken, the circumstances surrounding the incident appear to be exactly the same as a number of other data breaches that have taken place in recent years as well.
In the same way that fines can be far higher, will we also see higher GDPR compensation amounts since the new law came into effect in May 2018?
Although data breach compensation amounts are still based on the individual impact to the victim, and this hasn’t changed since GDPR, the new laws can make brining a claim an easier thing to do. The law is more stringent than the previous Data Protection Act, so there can be more avenues for people to be able to claim. And the recent court case victory has also paved the way for people to be able to launch a claim even if they haven’t suffered any distress or loss at all.
The difference in fines is, of course, monumental. We have already seen the power that regulators now have to ensure data breach offenders are properly punished.
It’s important to know your GDPR data breach rights, and as a pioneering data breach compensation law firm, our expert advice and representation can help.
I once read that, statistically, data breaches are more common than rain in the UK. Having lived here all my life, and travelled a fair few places around the world, that statement seems excessive. The weather, and how wet it is, is a common part of British life!
But it’s apparently true. So, with this in mind, let’s look at your GDPR data breach rights and how we can help you when it comes to making as claim for compensation.
If you’re not sure about how to make a GDPR claim, here’s some advice about what you can do to make sure you get the justice you deserve as a victim of a data breach incident.
The new GDPR that came into force in 2018 allows for victims whose information has been exposed or misused to be able to claim compensation. You can be entitled to claim damages for any distress caused and for any financial losses as well. Generally speaking, the more you suffer, the more the data breach compensation pay-out could be.
A really important thing to know is that the GDPR fines that the Information Commissioner’s Office (ICO) issues are not intended to be compensation for victims. When it comes to justice for the victims, you should speak to a lawyer! As a law firm, here’s out advice in how to make a GDPR claim.
Issues surrounding a number of Sunderland Council data breach incidents have hit the headlines in recent weeks, with some 170 incidents said to have been recorded.
In the GDPR era, councils and local authority agencies must take their data protection responsibilities seriously. They hold a lot of information about a lot of people, and if this is exposed, the impact on the victim can be severe.
A large volume of the individual cases we take forward are for council data breach compensation claims because of how often they can occur, and because of nature of the information that can be exposed or misused.
First published by Matthew on August 06, 2019 in the following categories: Claims Cybersecurity GDPR Hacking News Security University Data Breaches and tagged with compensation | cyber attack | cyber crime | cybersecurity | gdpr | Lancaster University Data Breach | personal data
It’s understood that the recently discovered Lancaster University cyber incident may have affected as many as 12,500 people.
The university was hit by what they called a “sophisticated” cyber-attack that had affected the data for some students and applicants. It’s now understood that the number of people whose data may have been exposed in the attack could be as many as 12,500.
Given the volume of people affected, the Information Commissioner’s Office (ICO) could impose a significant penalty if they find that the university is guilty of breaching GDPR. In terms of justice for the victims, that’s where we come in.
First published by Matthew on July 24, 2019 in the following categories: Cybersecurity Data GDPR Hacking News Police Ransomware Security and tagged with cyber attack | cyber crime | cybersecurity | data controllers | database security | gdpr | ico | personal data | police breach | police data breach | ransomware
We represent people for police-related data incidents, and with this in mind, here’s a number of reasons as to why the recent Eurofins data breach is a worrying one.
In case you’ve not heard of this one, this relates to an organisation that the police outsource forensic work to. Eurofins reportedly process more than 70,000 cases per year, and deal with DNA analysis, toxicology, ballistics and computer forensics. As such, they can be at the heart of investigations into serious crimes, including murder, sexual offences and terrorism.
Worryingly, they were recently hit by a ransomware attack. This has led to a number of concerns about the security and quality of the work they carry out, and has caused significant disruption to police investigations.
First published by Matthew on July 15, 2019 in the following categories: British Airways Data Breach Claims GDPR Group Action ICO and tagged with British Airways Data Breach | compensation | gdpr | Group Action | ico
A number of people have been unsure as to how the £183m BA GDPR fine works in relation to compensation. They are two separate things, and here’s how it works.
Firstly, the record fine is the current proposal, and British Airways and their owner (IAG) can appeal the decision. Whether any appeal will be successful remains to be seen, but crucially, this is not yet the final fine. However, there will likely be a fine. Even if an appeal is successful, we expect that the Information Commissioner’s Office (ICO) is still going to issue a fine.
In terms of compensation, this is dealt with separately as part of a pending group action that you can sign-up for here.
First published by Matthew on July 11, 2019 in the following categories: British Airways Data Breach Claims GDPR Group Action ICO Latest and tagged with British Airways Data Breach | compensation | data breach | gdpr | Group Action | ico | Marriott / Starwood Data Breach
With this week’s news focused on big GDPR fines for British Airways and Marriott, we can only assume that more fines are on the way.
Our lawyers are fighting for justice in over 25 different data breach group and multi-party actions. That shows just how many big legal cases we’ve taken forward, and some of the incidents took place after GDPR was introduced last year. The BA Group Action is one of those, and the initial fine of £183m shows just how serious the Information Commissioner’s Office (ICO) is on punishing offenders.