Welcome To The Data Leak Lawyers Blog
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
Law changes in the coming months mean that the Information Commissioner’s Office (ICO) enforcement powers will no longer be subject to a maximum penalty fine of only £500,000. If any person, company or organisation is found to have breached Data Protection laws in the U.K., they may find themselves slapped with a much heftier fine.
The new maximum fine can be 4% of the company’s global turnover or €20million (almost £17million); whichever is the largest.
The government is introducing this as they adopt stricter E.U. laws for data protection into U.K. legislation. Despite Brexit, the government have said that the new regulation will be implemented by May 2018 in any event.
read more
The Information Commissioner’s Office (ICO) has issued an £80,000.00 fine to broking company Verso Group (UK) Limited. The ICO found that the company violated data protection laws because it didn’t adequately inform data subjects what was being done to their personal information.
Whilst investigating two other companies for breaches of the Privacy and Electronic Communications Regulations, the ICO noticed that Verso Group may have been supplying the two companies with personal information for the others to send unsolicited direct marketing communications to unwilling subjects. One of the companies, Prodial Ltd, was fined for making 46 million nuisance calls and was subsequently fined £350,000 by the ICO.
read more
Dyfed-Powys Police Force in Wales signed an undertaking with the Information Commissioner’s Office (ICO) after a number of data breaches over an 18 month period were identified.
The ICO was alerted to the seriousness of multiple incidents that indicated a potential lack of data protection training and protocols. Although none of the breaches appear to have had any underlying malicious intent, the ICO recognised the seriousness of the repeated data breaches.
read more
Nilesh Morar worked for Leicester City Council in the Adult Social Care Department where he reportedly stole a wealth of personal sensitive data for personal financial gain.
He reportedly took the information belonging to vulnerable people without the Council’s knowledge or permission.
After he stole the personal data, Morar left his job with the Council to set up his own business, so the motives for stealing the data seem quite apparent.
read more
As if the £400,000 fine last year was not enough, TalkTalk has been slapped with a £100,000 fine for reportedly breaching data protection laws over customer information.
Unlike the last fine which came off the back of countless customers’ information being exposed after a malicious hacking, TalkTalk is being fined for an alleged lack of information security, leaving customer data “open to exploitation by rogue employees.”
TalkTalk employees reportedly have access to a great deal of information, heightening the need for internal security measures.
read more
Boomerang Video Ltd owns and controls an online website where customers can rent or buy video games through their payment web application. Users log in and have a choice of video games for various consoles that are physically sent to them and then returned to their warehouse after the customer has finished playing the game.
The online platform requires certain information for a customer to sign up to their services, including a username, password and bank details to pay the monthly subscription fee.
Unfortunately, their app was targeted in a cyberattack and was successfully hacked in December of 2014.
read more
A data breach is the intentional or unintentional release of secure or private/confidential data by, say, employees, cyber-hackers, political activists or national governments.
The Information Commissioner’s Office (ICO) is the U.K.’s independent privacy watchdog who have the responsibility of upholding information rights for the benefit of the public interest. Though there isn’t a legal responsibility on companies and/or organisations to report all data security breaches, it’s considered good practice to do so.
Here’s a look at some of the recent data security incident trends from the ICO.
read more
EasyJet admits data of nine million hacked
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
