Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.
Many data breaches occur not because of sophisticated hacks, but because of failures in cybersecurity defences. In such cases, the blame can primarily fall on the head of the data controller, who may have failed in their duty to protect personal information. For example, a potential data breach arose when a configuration issue in the systems of Network Rail left rail passenger data accessible online.
The error is one many companies cite when a data breach occurs, and one which can be indicative of systematic failings within an organisation. It often only takes one mistake or flaw to make a substantial hole in an organisation’s cybersecurity defences. As good cybersecurity is a key tenet of data protection law, data controllers with weak or faulty cybersecurity can be found in breach of the GDPR. The wider defences are only as good as the weakest link.
Where the GDPR is breached, those affected by the exposure of their information may be eligible to make a compensation claim. At Your Lawyers (T/A The Data Leak Lawyers), we represent data breach victims as a leading data breach claims law firm to fight for the justice that they deserve.
In March last year, C3UK – the internet provider for UK railway stations – was made aware of a misconfigured database by a security researcher, an error that left rail passenger data accessible online.
About 10,000 travellers who had made use of free Wi-Fi at railway stations were affected, with the exposed information relating to contact data and dates of birth.
Having secured the database immediately after being notified of the issue, C3UK stated that it had only been accessed by their company and the security researcher, which should mean that the error is of minimal risk. However, if action had not been taken so quickly, the outcome may have been very different.
Leaving rail passenger data accessible online is certainly an invitation to fraudsters and cybercriminals who could abuse such information and cause harm to the victims.
Making rail passenger data accessible online is no small error when personal privacy is at stake. Similar mistakes have had much more severe repercussions. For example, the Virgin Media data breach occurred when a configuration error left a marketing database accessible online for 10 months, consequently exposing the personal data of 900,000 UK consumers. We are currently representing Virgin Media claimants in our group action.
When a cybersecurity error causes a data breach, companies cannot simply blame the breach on technology, or a select few IT employees. It is the responsibility of the company as a whole to implement rigorous procedures and protective measures to ensure that there are no chinks in the armour.
In cases where the company is found to have breached the GDPR, the victims could be eligible to claim compensation for the distress that they have endured, as well as any financial losses or expenses that the breach may have provoked.
If you believe that you have been adversely affected by the exposure of your personal data, you may be able to claim data leak compensation under the GDPR.
As leading specialists in data protection law, we know how severe the repercussions can be, which is why we aim to help all data breach victims to access the justice they are entitled to.
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020