A Chorley Council data breach has recently been reported after it was revealed that thousands of members of the public may have had their details exposed by the local authority. The incident appears to be yet another example of the damage that can be done to information security when employees make misjudgements.
Unfortunately, the incident at Chorley Council is only one in a long list of data breaches to have been caused by human error at local government bodies generally. Councils like Chorley should be striving to break with this trend, but there has unfortunately been little progress in terms of data protection it seems.
In the UK, all third-party data controllers are obliged to comply with the GDPR in their protection of the information that they hold and process. If they fail to do so, they can be held accountable, and those affected may have a right to make a compensation claim.
The Competition and Markets Authority (CMA) has recently disclosed figures for the data breaches that have affected the UK government regulator. They reportedly revealed that a total of 150 breaches have occurred over the last two years. The competition regulator data breaches are worrying given the CMA’s role in upholding the law, which requires them to handle a large amount of private information, some of which can be sensitive.
The importance of cybersecurity should now be well known to all businesses and organisations, as many can be prime targets for hackers and fraudsters searching for information to misuse. The malicious intent of cybercriminals should give organisations that sense of the importance of data protection. However, it appears that the CMA may not have been able to adopt the caution required of an organisation with such sensitive data handling responsibilities.
An employee in the motor industry has reportedly been prosecuted for the unlawful disclosure of accident data, which she illegally recorded and sold on for use by another company.
The ICO (Information Commissioner’s Office) has confirmed that a former employee of the RAC collected road accident data from the car insurance and roadside assistance company. It is then reported that she passed data on to the director of an accident claims firm.
The incident shows how personal data can be a valuable criminal asset and is a disturbing account of how the trust of customers can be broken when criminals decide to misuse data for their own profit. At the same time, it is reassuring that such criminals can be detected and punished under the law.
At Your Lawyers – The Data Leak Lawyers – as leading data breach claims lawyers, we aim to hold those responsible for data breaches to account for their actions. As such, if you have suffered as a result of having your data exposed, we are here to help you claim the compensation that you deserve.
Data Privacy Day 2021 was marked recently on the 28th January, the fifteenth time the day has been celebrated. Also called Data Protection Day in the UK and Europe, Data Privacy Day commemorates the signing of the first international treaty that was legally binding for governing data protection and privacy, named Convention 108.
After what had been another eventful year of data breaches in 2020, we believe it is important for all individuals and organisations to start 2021 with a positive, proactive approach to data protection. The commemorative day at the start of the year should be valuable in raising awareness about issues relating to data privacy, yet nothing ever seems to change as we continue to see breach after breach after breach.
At Your Lawyers – The Data Leak Lawyers – we aim to empower victims of data breaches to take action against those who have failed to protect their data, to ensure that the consequences of data breaches can be learned. We feel that it is the most proactive way forward given that no amount of legislation or commemorative days appear to be making the difference that is really required.
Following a two-year investigation into credit reference agencies, the Information Commissioner’s Office (ICO) has taken enforcement action against Experian. It was ruled that the company must make “fundamental changes to how it handles people’s personal data”, according to the ICO.
The investigation examined three credit agencies, of which Experian is the only one to reportedly face punitive action for data handling they carry out for direct marketing purposes.
Experian is understood to have taken some steps towards improving their data handling, but it was not enough to satisfy the ICO that data protection law was being adhered to. It is reassuring to know that Experian must make changes, and demonstrates to other companies that any sidestepping of the GDPR will not be tolerated by regulators.
A big problem surrounding medical data breaches, and one of the most concerning, is when a member of staff breaches confidentiality by accessing patient records without clinical justification.
We entrust medical employees and NHS staff to safeguard our personal medical data and only access it as part of our treatment or care. That is why it is so concerning when a member of staff is accessing patient records with no medical reasoning or no proper authority to do so.
It is sometimes hard to know what exactly they are using the data for, potentially putting individuals at risk by exposing sensitive data. In many cases, the perpetrators know the victims, which can make the distress for the victims even worse.
New research has highlighted that public sector GDPR breaches could become a more regular occurrence due to understaffed Government data protection teams.
GDPR breaches can be extremely serious, exposing people’s private data and leaving them vulnerable to cyberattacks and much more. It is important that victims know their rights – as a leading firm of data breach compensation lawyers, we could represent you for a case on a No Win, No Fee basis if you are eligible.
We are proud to offer free and no-obligation advice for victims of a breach too.
The NHS was subject to some of the worst healthcare cyberattacks of 2019. The year saw a continuous increase of data breaches with two-thirds of healthcare organisations in the UK understood to have been involved in some form of data breach last year.
Many of these data breaches stem from virus and malware attacks which often arise from a compromised third-party device.
A Freedom of Information request submitted by Centrify reportedly found that the NHS has blocked some 11.4 million cyberattacks between 2016 and 2019. This shows just how much the NHS is a huge target for cybercriminals, and how they have ended up being targeted for some of the worst healthcare cyberattacks of 2019.
Over 6,000 people have reportedly been affected by the latest Department for Work and Pensions data breach, with sensitive information leaked in error.
The DWP (Department for Work and Pensions) suffered a serious data breach after publishing the sensitive details of over 6,000 individuals online for over two years. It is understood that the data was only taken down this Monday and formal investigations into the data breach have been launched.
If you have been affected by the Department for Work and Pensions data breach, you could be eligible to make a compensation claim for the loss of control of your personal information. Depending on what data of yours has been leaked, we may be able to assist you.
The British Airways ICO fine has been reduced from the proposed £183m initial intention to fine amount to just £20m; representing a significant reduction from the Information Commissioner’s Office (ICO) of around 90%.
The British Airways data breach affected almost half a million customers across two periods in 2018. Highly sensitive data that included names, addresses, payment card numbers – including CCV numbers in some cases – were accessed by hackers in the attack.
Customers who made or changed a booking between 10.58pm on 21 August 2018 and 9:45pm on 5 September 2018, or customers who made a reward booking between 21st April 2018 and 28th July 2018, could be affected by the data breach. If this applies to you, you could be eligible to claim compensation now.