As growing numbers of cyberattacks plague the UK and the rest of the world, more and more people are suffering due to passwords found on the dark web.
The dark web consists of areas of the world wide web that are usually accessible with the use of specific software or authorisations. It is where hackers can sell information that has been hacked, and where criminals can go to find information to exploit.
If one or more of your passwords has been found to have been breached, what can you do about it?
Before we go into what people can do from a legal perspective for passwords found on the dark web, let’s address what steps you should take to protect yourself.
- Secure your accounts by changing your passwords immediately;
- Make sure you use strong, complex passwords that are a combination of letters, numbers, upper cases, and special characters;
- Do not re-use passwords for more than one account;
- Consider applying two-factor authentication to accounts or at least automatic notifications of login events;
- Keep a very close eye out for suspicious activity and check any login audit logs;
- Speak to companies that are involved and take heed of their advice too.
The last thing you want is for your login credentials to be abused – do the immediate and necessary things to keep yourself safe.
Legal rights for passwords found on the dark web
For passwords found on the dark web, where your credentials have been subject to a cyberattack or data breach involving an organisation, you have rights. What we mean by this is that, if the loss of control of your personal details was caused by your data being stolen from someone else, you may have a claim.
Some easy examples based on some of the dozens of group action cases we represent thousands of clients for:
- The British Airways data event;
- The Ticketmaster cyberattack;
- The Equifax data breach;
- The TalkTalk hack;
- LOQBOX hack.
In these scenarios, information (not necessarily passwords, this is just for example purposes) was stolen from those companies. As a result of the data theft, we believe that the above companies could – and should – have done more to have prevented the attacks from being successful. For example, Equifax failed to patch a known security vulnerability that was then exploited by hackers. British Airways has been issued with a provisional intention to fine in the sum of £183m as the ICO (Information Commissioner’s Office) confirmed that they could have taken more steps to prevent the attack taking place.
So, when someone else is at fault in cases of passwords found on the dark web, that is when you could be eligible to claim compensation. The GDPR can allow you to receive damages for the distress caused by the loss of control of your personal information, so it is not a case of only being able to claim when money is lost or stolen. On the contrary, most legal cases are for the distress alone, and this can be so substantial that data breach compensation pay-outs are often in the thousands of pounds area.
Legal advice now
You could be entitled to make a No Win, No Fee data breach compensation claim with us today.
As a leading firm of data breach lawyers, we are always happy to provide people with free, no-obligation advice about their options for justice.
IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.
Request a call back from our team
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.
First published by Matthew on October 08, 2020
Posted in the following categories: Claims Cybersecurity Data GDPR Hacking News Ransomware Scammers Security and tagged with compensation | cyber attack | cyber crime | cybersecurity | data breach | data controllers | database security | online security | personal data | phishing scams | ransomware | smart technology | website hacked