Tag: online security
Guntrader data breach
Following a breach of Guntrader.uk, a website that leads in buying and selling of guns in the UK, it is understood that thousands of customers have had their names and addresses exposed. As a result of the Guntrader data breach, those who used the site may have reportedly had their personal information posted to the dark web.
The breach is particularly concerning given the safety risks of making the identities and potential whereabouts of gun owners known to potential criminals. As investigations continue, it is not yet clear how the data theft was allowed to occur. However, if it is found that Guntrader bears responsibility for the information exposure, it could be held liable for a breach of data protection law.
If you have been affected by the Guntrader data breach, we recommend that you come forward to seek legal advice, as there may be grounds for a compensation claim. It is always distressing to learn that your private information could be circulating in the public domain, so it is vital that any responsible parties are held accountable for the harm caused.
Are employees responsible for cybersecurity errors and data protection breaches?
In many cases, data protection breaches arise as a result of human error. A CybSafe analysis of data breaches reported to the ICO found that 90% of UK data breaches in 2019 were caused by user mistakes. The employees responsible for cybersecurity would, therefore, seem to be failing to adhere to data protection law, but there is much more to it than that.
Despite the high incidence of human error, it is employers who bear the ultimate responsibility for upholding data protection at their companies. This can mean that, when a data breach occurs, organisations may be liable to pay compensation. If you have been affected by a data breach caused by an employee, you can still have every right to make a claim and recover compensation from the organisation as a whole.
Redcar and Cleveland Council cyberattack
In February last year, it was revealed that Redcar and Cleveland Council had fallen prey to a cyber-attack, bringing many of its online resident services to a standstill for a prolonged period of time. Although systems were eventually repaired and services reinstated, the effects of the cyberattack are still being felt now, over a year after the attack, primarily in the huge financial toll it took on the council.
In fact, the government has been set to intervene to help the council with the funding, after millions of pounds were expended on the effort of rebuilding its systems. The prolonged recovery work raises questions about whether Redcar and Cleveland Council’s systems should have been stronger in order to defend against the attack in the first place, and whether the council had an attack response plan in place before they were hit.
This all shows how costly an attack can be, and why it is always so much better to take preventative action instead of an event taking place.
Claims for Police Federation of England and Wales data breach
Around two years ago, the Police Federation of England and Wales was hit by a cyberattack, and we began taking claims forward soon after the data breach incident occurred. Although it was initially believed that no personal information affected, it was nevertheless a possibility that employee data may have been exposed to unauthorised access.
The case against the Police Federation is one of many data breach group actions we are pursuing. As leading specialists in data breach claims, we are fighting for justice in a number of high-profile actions, including those against Equifax, Virgin Media and British Airways.
As with all our data breach group actions, we are offering No Win, No Fee representation to eligible victims of the Police Federation data breach. You can contact us today if you are considering starting a claim.
NHS CCTV cameras associated with worldwide hack
NHS CCTV cameras have reportedly been embroiled in a hack affecting security footage across the globe, after security company Verkada is understood to have been breached by hackers. It is said that live streams for as many as 150,000 Closed-Circuit Television (CCTV) cameras may have been viewed by unauthorised users.
Serving organisations include prisons, general businesses, schools and even psychiatric hospitals. The breach of Verkada’s cameras may have exposed the identities of many people working in, living in, or visiting affected institutions.
It is unclear exactly which feeds hackers may have viewed and what they gleaned from the footage, but it is nevertheless worrying to learn that a security firm has been subjected to such a wide-reaching breach. There is currently no evidence that any NHS camera feeds were viewed by hackers, but Verkada lists the NHS as one of its clients on the company website. Hackers have also claimed that they have been able to access the cameras of any of the affected organisations.
Banks reportedly prevented £45m of fraud in 2020
Recent coverage has revealed that action taken by bank employees and police prevented some £45m of fraud in 2020, saving customers from the loss of an average of almost £6,000 each. The figure is a testament to the success of the Banking Protocol scheme that encourages banks and the police to work together to protect consumers.
However, the huge £45m sum is also a sign of the scale of fraud in the UK. As leading, specialists in data protection law, we believe that the link between data breaches and fraud is a problem that needs to be addressed. When a third-party organisation fails to protect your personal information, it may be leaked into the hands of cybercriminals, who may attempt to steal from you via various kinds of manipulative scams.
We believe that it is essential that all data controllers are held to account when they fail to observe their legal duties. We have helped thousands of consumers to recover the compensation that they deserve, so we encourage any data breach victims to come forward for free, no-obligation advice on their potential claims.
Typeform data breach claim
In June 2018, it was revealed that survey company Typeform had suffered a data breach. The company reportedly became aware of the issue on 27th June, identifying that an attack had led to hackers downloading what was described to be a “partial backup” of its customer data. When we learned of the breach, we offered advice to those affected, and victims may still be able to make a Typeform data breach claim as part of the action that we are pursuing.
In accordance with UK data protection law, all those who disclose their information to third parties have a right to the protection of their personal information. Typeform’s customers, therefore, justifiably expected that they could trust Typeform with their data. Unfortunately, instead, some were greeted with the news that their information had been exposed.
As leading specialists in data breach claims, Your Lawyers (t/a The Data Leak Lawyers) helps those affected by data exposure to claim the compensation that they deserve. Although three years have passed since the Typeform data breach was revealed, more victims may still have a chance to make a claim, so contact our team for more advice if you were affected. We are already helping others on a No Win, No Fee basis.
The risks of reusing passwords
As a standard recommendation of IT professionals and security specialists, many of us will be aware that it is advisable to use a range of passwords, but we believe that the importance of this advice cannot be understated. Many studies have shown that people continue to risk their data security by reusing passwords across their online accounts, and this is dangerous.
There is now a whole subsection of cybercrime built around the theft and misuse of account credentials, so it is vital that consumers do not put themselves at greater risk by reusing passwords.
Personal information is a highly valuable resource to cybercriminals, and passwords can be particularly profitable, given that they can sometimes unlock private accounts containing further personal information. A password is meant to be a key form of protection, so why are we compromising this security technique by reusing passwords?
British Airways data breach claim settlement – you still have time to claim!
July 2021: it has been widely reported that British Airways has settled claims for victims of their 2018 data breaches. The airline will likely see the British Airways data breach claim settlement as an opportunity to draw a line under the legal action against them, but the claim process is, in fact, far from over – so don’t worry! Only one subset of the 420,000 victims of the data breach have settled claims, so those who have yet to claim still have a chance to claim with us.
Due to an agreement of confidentiality between the parties involved, the compensation amounts for the British Airways data breach claim settlement have not been disclosed. Our group of claimants still have a chance to potentially receive thousands of pounds in damages as a fair settlement of their claims.
Since the British Airways data breaches occurred in 2018, we have been seeking justice for those affected. We want to ensure our claimants can receive the maximum possible compensation pay-outs, and we continue to fight hard for the victims of the British Airways data breach that we represent.
Ticketmaster data group action
In June 2018, Ticketmaster revealed that a security incident had affected its website, causing the personal information of customers to be exposed. Discovered on 23rd June, the information was exposed due to the actions of an external hacker, but questions were raised regarding how far the incident had been caused by Ticketmaster’s own alleged negligence. We began taking on claims soon after the breach was announced, and we are now running our Ticketmaster data group action to ensure that those affected can receive the compensation that they deserve.
The breach has potentially demonstrated how insufficient cybersecurity could be responsible for mass information exposure. Thousands of customers had sensitive payment details exposed as a result of what we understand to be a system vulnerability, so we believe that Ticketmaster must answer for what has happened.
If you have been affected by this data breach, you can contact our team to find out if you have a compensation claim to make.