Welcome To The Data Leak Lawyers Blog
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
A Chorley Council data breach has recently been reported after it was revealed that thousands of members of the public may have had their details exposed by the local authority. The incident appears to be yet another example of the damage that can be done to information security when employees make misjudgements.
Unfortunately, the incident at Chorley Council is only one in a long list of data breaches to have been caused by human error at local government bodies generally. Councils like Chorley should be striving to break with this trend, but there has unfortunately been little progress in terms of data protection it seems.
In the UK, all third-party data controllers are obliged to comply with the GDPR in their protection of the information that they hold and process. If they fail to do so, they can be held accountable, and those affected may have a right to make a compensation claim.
Three years have passed since the NHS Digital data breach was reported, in a wide-reaching incident affecting around 150,000 patients across the country. Patients affected had chosen to opt-out from their medical information being used for non-care related purposes, but a mistake made by the IT and data branch of the NHS caused their requests to not be upheld.
Medical details represent perhaps the most sensitive type of personal information about us, so health professionals and services owe an important duty to their patients to protect this information and keep it confidential. This includes giving patients the option to choose how their data is processed and used, empowering them to take control of data disclosure. As such, when the health service fails to observe the choices of patients, it can be an indication of inept and inadequate data protection.
We began taking on claims for those affected by the NHS Digital data breach soon after it came to light, and we can still register claims despite the time that has elapsed since the incident. Contact us now to receive free, no-obligation advice on your claim.
Medical data often constitutes some of the most sensitive information involving an individual, so the effects can be devastating if this information is exposed. Cybercriminals are all too aware of this fact, and in the world of data misuse, highly sensitive information is often very profitable. Some cyberattacks result in medical data leaked online, with criminals using it as a powerful bargaining tool.
In the wake of medical data breaches, many victims may feel vulnerable and anxious, fearing that their private information might have fallen into the hands of cybercriminals. Nothing can make up for the distress of this difficult aftermath period but making a compensation claim can help to achieve some form of justice for the harm caused.
Your Lawyers, as leading data breach experts, want to make sure all data breach victims can access justice. Victims can contact us for free, no-obligation advice on a potential compensation claim.
The vital crime-fighting function of the police means that they are allowed to request, process and use much more data than most people would ordinarily disclose to a third party. Many trust the police to handle the information that they are given access to with caution and respect, only requesting and viewing it when absolutely necessary. However, there are unfortunate examples of police using data without consent, abusing their powers to view or use information inappropriately.
Police officers are not above data protection law and this is important to remember. It may be that certain allowances are granted to them in accordance with the GDPR, but they are still bound to certain restrictions.
As such, those who are affected by police data breaches may be entitled to claim compensation for the harm caused.
Following a breach of Guntrader.uk, a website that leads in buying and selling of guns in the UK, it is understood that thousands of customers have had their names and addresses exposed. As a result of the Guntrader data breach, those who used the site may have reportedly had their personal information posted to the dark web.
The breach is particularly concerning given the safety risks of making the identities and potential whereabouts of gun owners known to potential criminals. As investigations continue, it is not yet clear how the data theft was allowed to occur. However, if it is found that Guntrader bears responsibility for the information exposure, it could be held liable for a breach of data protection law.
If you have been affected by the Guntrader data breach, we recommend that you come forward to seek legal advice, as there may be grounds for a compensation claim. It is always distressing to learn that your private information could be circulating in the public domain, so it is vital that any responsible parties are held accountable for the harm caused.
In many cases, data protection breaches arise as a result of human error. A CybSafe analysis of data breaches reported to the ICO found that 90% of UK data breaches in 2019 were caused by user mistakes. The employees responsible for cybersecurity would, therefore, seem to be failing to adhere to data protection law, but there is much more to it than that.
Despite the high incidence of human error, it is employers who bear the ultimate responsibility for upholding data protection at their companies. This can mean that, when a data breach occurs, organisations may be liable to pay compensation. If you have been affected by a data breach caused by an employee, you can still have every right to make a claim and recover compensation from the organisation as a whole.
In February last year, it was revealed that Redcar and Cleveland Council had fallen prey to a cyber-attack, bringing many of its online resident services to a standstill for a prolonged period of time. Although systems were eventually repaired and services reinstated, the effects of the cyberattack are still being felt now, over a year after the attack, primarily in the huge financial toll it took on the council.
In fact, the government has been set to intervene to help the council with the funding, after millions of pounds were expended on the effort of rebuilding its systems. The prolonged recovery work raises questions about whether Redcar and Cleveland Council’s systems should have been stronger in order to defend against the attack in the first place, and whether the council had an attack response plan in place before they were hit.
This all shows how costly an attack can be, and why it is always so much better to take preventative action instead of an event taking place.
Around two years ago, the Police Federation of England and Wales was hit by a cyberattack, and we began taking claims forward soon after the data breach incident occurred. Although it was initially believed that no personal information affected, it was nevertheless a possibility that employee data may have been exposed to unauthorised access.
The case against the Police Federation is one of many data breach group actions we are pursuing. As leading specialists in data breach claims, we are fighting for justice in a number of high-profile actions, including those against Equifax, Virgin Media and British Airways.
As with all our data breach group actions, we are offering No Win, No Fee representation to eligible victims of the Police Federation data breach. You can contact us today if you are considering starting a claim.
We have been approached for help following the Accident Exchange – AX data breach – which is understood to have occurred earlier this year in January. The company is said to have suffered a cyberattack which led to the exposure of client information, with an external third-party accessing the company’s systems.
Those affected by the breach have recently been notified by AX (formerly Accident Exchange) that their personal information might have been affected, though it is still unclear exactly what details may have been exposed in all cases.
We have already begun taking on claims for those affected, who could be in line to receive compensation for the exposure of their private data. All companies are legally obliged to protect the data in their possession and, when they fail to do so, they can be liable to pay damages for a breach of data protection law.
NHS CCTV cameras have reportedly been embroiled in a hack affecting security footage across the globe, after security company Verkada is understood to have been breached by hackers. It is said that live streams for as many as 150,000 Closed-Circuit Television (CCTV) cameras may have been viewed by unauthorised users.
Serving organisations include prisons, general businesses, schools and even psychiatric hospitals. The breach of Verkada’s cameras may have exposed the identities of many people working in, living in, or visiting affected institutions.
It is unclear exactly which feeds hackers may have viewed and what they gleaned from the footage, but it is nevertheless worrying to learn that a security firm has been subjected to such a wide-reaching breach. There is currently no evidence that any NHS camera feeds were viewed by hackers, but Verkada lists the NHS as one of its clients on the company website. Hackers have also claimed that they have been able to access the cameras of any of the affected organisations.
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
