We have been approached by a number of victims of a huge data breach for casual workers at Manchester United Football Club, and we have taken claims on with our No Win, No Fee offer available.
From the accounts of the clients who have been accepted for our representation, its believed that 167 casual workers at Manchester United received an email which attached all 167 employees’ wage slips instead of just their own.
This means that the personal details of an estimated 167 individuals has been leaked.
We understand that the breach occurred due to an error with an employee using a system that splits wage slips that are in PDF document format to be sent to workers individually. Instead of the workers receiving their individual payslips, they all received one PDF document that contained all 167 wage slips for each of the 167 employees.
Its understood that the system they are using is relatively new and is being trialled, and that on the day of the breach, there may have been a lack of managerial staff overseeing the procedure. The breach has already been reported to the Information Commissioner’s Office (ICO), who have made recommendations for improvement as a result of the data breach.
With a reported 167 casual workers at the Theatre of Dreams subjected to this data breach, it’s another example of how easily it can be to inadvertently leak personal and sensitive data. Systems and protocols which organisations must put in place can easily avoid such simple but often devastating leaks, and its for that reason that we believe there is a case to answer for.
We have already taken on a number of data protection compensation claims for casual workers affected by the Manchester United data breach who have approached us for help.
Data leaked includes data you would often find on a wage slip like names, addresses, pay information, National Insurance numbers and email address. In the wrong hands, this kind of data can be enough for a criminal to commit financial fraud, and that’s on top of the fact that many people regard such information as personal and sensitive, and not to be shared.
The Manchester United casual workers data leak is, in our view, a breach of data protection legislation.
As we often say when these breaches happen, it can be a lot worse. What people don’t realise is how easy it is to track people down and gain so much information about them. People often have their employer displayed on public social media platforms like Facebook, Twitter and LinkedIn. It only takes one savvy fraudster to piece together information from this breach, public information, and information from the countless other breaches (email address identities are leaked all the time), and someone could do some serious damage.
This is how people in this day and age end up as a victim of fraud.
Its about smart criminals using a wealth of tools and data at their disposal, including breached data from several incidents, and targeting those who they can build a profile for. And while it may be nice to expect others included in the leak to not act on the leaked data they now hold, you can’t be certain this will be the case.
We live in an age where data security is a real concern, and breaches of this nature can have severe knock-on effects. Who’s to say one of those recipients of the wage slips isn’t already logging into a compromised account, where a criminal now has a wealth of data about 167 people?