Reading:
Data leaks from outsourcing
Share:
executive charged

Data leaks from outsourcing

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

For businesses with expanding opportunities and responsibilities, it often becomes necessary to hire external providers and suppliers to ensure the efficiency of company operations. Data leaks from outsourcing can unfortunately occur when these external providers lapse in protecting the information held by the company they work with.

However, when a data leak does arise, it is not acceptable for the affected company to simply shift the blame onto an external supplier or provider. Ultimately, the responsibility to protect the information of customers, members and employees falls on the organisation itself as a result of the legal duties that they must adhere to. Even in cases where an external provider caused the leak, the victims can still be eligible to claim compensation either way.

Cases of data leaks from outsourcing

Numerous notable data leaks from outsourcing services have reached the national news in recent times. One of the most recent cases was that of the Now: Pensions data breach, for which we already act for a number of claimants. In the data leak, 30,000 customers had their information exposed from the pension provider after an agent described as a “third-party contractor” uploaded names, birth dates postal and email addresses, and National Insurance numbers to an online public forum, seemingly in error.

A similar incident also recently occurred at Wentworth Golf Club, in which the member login system provided by external company Jonas Systems was accessed by an unauthorised third party, who downloaded a file containing members’ personal data. We are also representing a number of victims for this breach.

Where does responsibility lie?

In both cases described above, the contractors were specifically permitted to perform data handling. As such, it would be expected that they should be well-versed in basic cybersecurity and data protection procedures. However, if Now: Pensions and Wentworth Gold Club made these assumptions without appropriate checks and agreements in place, they can be found liable for their inaction. Such important data protection requirements should never be taken for granted.

The responsibility in both cases can fall on to the organisation experiencing the hack or leak, as they are the ones with the duty to those that they hold information for. In accordance with the GDPR, every organisation has a role to play in implementing sufficient cybersecurity and data protection practices, and no one can afford to turn a blind eye to external providers and assume they will do the same.

In order to prevent data leaks from outsourcing, data protection should always be on the agenda when a company is considering engaging the services of an external supplier. Data security should be consistently reviewed over the course of any business collaboration.

Making a data breach claim

All organisations involved can be held responsible for data leaks from outsourcing, so you can be entitled to make a claim if your right to data protection is breached.

While a breached company may try to put an external provider in the line of fire, this does not simply absolve them of liability.

If you wish to make an enquiry about a potential data breach claim, please do not hesitate to contact us for free, no-obligation advice. We are specialists in data breach law and understand how damaging the effects can be for the victims, so we are here to support those affected to achieve the justice they deserve.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.Information on how we handle your data is available in our Privacy Policy.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

SRA
Contact
www.dataleaklawyers.co.uk is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon