Reading:
Interserve Group Limited data breach matters: ICO fine
Share:
consequences of medical data breaches

Interserve Group Limited data breach matters: ICO fine

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

The Interserve Group Limited data breach that occurred in 2020 has resulted in a significant multi-million-pound fine being issued by the UK’s data watchdog, the ICO.

Your Lawyers, as leading privacy claims specialists, are used to helping people whose information has been misused or exposed. Having read information from the report issued by the ICO, it is clear that more could, and should, have been done to have prevented this incident from taking place.

Anybody who has lost control of their personal information through no fault of their own could be entitled to pursue a No Win, No Fee claim for compensation. Our team is available for free, no-obligation legal advice here now.

About the Interserve Group Limited data breach matters

The Interserve Group Limited data breach involved a phishing email that was sent to an accounts team mailbox on the 30th of March 2020. The phishing email in question was designed to look like it was a matter that required urgent review, and the email was subsequently forwarded to an employee responsible for invoicing the following day. Unfortunately, on the 1st of April 2020, the phishing email was opened and the attachment was downloaded, and a zip file was extracted. The attached file executed the installation of malware and resulted in the device used by the employee in question being compromised.

It is understood that one of the issues as to how the cyberattack managed to bypass security measures was due to the employee in question working from home.

It is understood that, following the compromise of the device, the attacker used various tools to compromise 283 systems and 16 accounts, including 12 privileged accounts, according to the ICO. Unfortunately, this included sensitive HR databases that contained the personal details of some 113,000 individuals, and included special category information.

The discovery of the Interserve Group Limited data breach resulted in investigations and regulatory reporting taking place.

Regulatory action from the ICO

The UK’s data watchdog, the Information Commissioner’s Office (ICO), has published its report into the Interserve Group Limited data breach. In that report, they have decided to impose a penalty on the company in the sum of £4,400,000 as a result of the incident.

This is a considerable penalty, and demonstrates the power of the GDPR that has significantly increased the previous cap of £500,000 to allow the regulator to issue multi-million-pound fines where appropriate. Fines of this kind of level are not issued lightly, and will often arise having considered the nature of the breach, how it happened, and what more should have been done to have prevented it from taking place.

The monetary penalty issued by the ICO is punishment for what has happened, and is not designed to compensate the victims whose personal information has been exposed. For victims to pursue compensation, they must instruct a solicitor privately and pursue a claim for damages.

Compensation for a breach of the Data Protection Act by an employer

Victims of a breach of the Data Protection Act by an employer can be eligible to use the law to pursue compensation for any distress caused by the loss of control of their personal information.

As with any organisation, an employer has an important duty to protect the information of its employees. There will be sensitive and special category data in some cases, from banking information for the payment of salaries, to potentially sensitive medical data for equality monitoring and supporting staff.

If we consider that you have been the victim of a breach caused by your employer, you could be entitled to pursue a case on a No Win, No Fee basis. The best thing to do is contact our team for free, no-obligation legal advice here now.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.Information on how we handle your data is available in our Privacy Policy.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

SRA
Contact
www.dataleaklawyers.co.uk is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon