Welcome To The Data Leak Lawyers Blog

New York medical records discovered on an unsecured server

Medical records are known to be a treasure trove for hackers. Once cyber-criminals have access to these, they can sell them on the black market for up to $10 (£7.67) per record, according to Anthony James at U.S. security firm, TrapX.

But it seems cyber-criminals don’t have to hack into computer systems to access records as a ‘huge trove’ of confidential U.S. medical records were found on an unsecured server; accessible to malicious hackers and cyber-security professionals.
read more

By Author

The rise of machine learning and how it can impact cyber-security

Throughout the past two years, we have seen breach after breach. From the Yahoo breaches to the international cyber-hack involving the NHS in May 2017, they never seem to stop!

So what can be done about it? This year, we expect to see the rise of machine learning to identify attacks quickly. Unlike the ransomware that crippled our NHS along with other organisations in 98 countries across the globe on the 12^th May 2017, not all data breaches flash on your screen with a frightening message demanding payment next to an intimidating timer. Many data breaches occur without companies being ever aware of it. Like the Yahoo data breaches, it took them years to realise their security systems had been compromised.
read more

By Author

Starbucks shifts data protection responsibility onto customers

The Starbucks saga continues…

Customers of Starbucks have been struck by multiple counts of fraudulent activity in recent weeks. Like many modern businesses, Starbucks was not prepared to be left behind in the digital world. So, they created an app where customers can easily purchase drinks and snacks on their phones. Around a third of all purchases are reportedly now made through this popular and easy to use app, and whilst the app is responsible for $1 billion worth of purchases, Starbucks have arguably overlooked key security measures.
read more

By Author

Third Party companies may be your biggest security risk

A large number of security risks are caused by third party vendors.

As we saw with the recent Debenhams Flowers cyber-attack, using a third party company or service provider can leave your network vulnerable to security breaches. Whilst your company could have top of the line security measures put in place, the company that handles your packaging and shipping, or the company who processes customer purchases, may have weak to non-existent security measures.

This is a clear risk.
read more

By Author

The bigger the company, the bigger the target for cyber-crime!

Companies need to start ramping up their security measures as cyber-crime continues to rise!

According to a survey carried out by the British Chamber of Commerce, the bigger the company, the bigger the threat when it comes to cyber-attacks.

Still reeling from the recent WannaCry cyber-attacks that threw 99 countries into panic, companies may be finally starting to turn to their security researchers to see how to defend themselves against such an attack in the future. We all know that the hackers will try again in the future: it’s not a case of if, but when…
read more

By Author

Are companies prepared enough to respond to a data hacks and breaches?

Though most organisations have cyber-security systems in place, the effectiveness of preventing potential incidents is highly questionable.

It seems the media is portraying how companies are becoming increasingly less prepared in the event of a cyber-attack. For the most part, their cyber-security seems to be reactive rather than proactive. However, this theory may not be completely unfounded as the Global CISO study shows that 78% of Chief Information Security Officers (CISOs) are worried about their ability to detect breaches in the first place.
read more

By Author

What legal basis did the Met Police have for disclosing 30,000 addresses?

In early May, the Metropolitan Police were accused of a ‘severe’ security breach when they disclosed 30,000 addresses of shotgun and firearm owners to a direct mail marketing agency, “Yes Direct Mail”.

The British Association for Shooting and Conservation (BASC) has now demanded an answer from the Commissioner of the Metropolitan Police, Cressida Dick, to clarify what legal basis they had for passing on the addresses of so many firearm and shotgun owners. Namely: under the Data Protection Act (DPA) and any wider guidelines surrounding privacy and marketing.
read more

By Author

GP surgeries were on the brink of meltdown following the NHS cyber-attacks

Following on from the WannaCry attack, there were fears that the cyber-attack could continue to have disastrous consequences for healthcare organisations like GP surgeries.

There was extreme concern after the NHS cyber-attack as to exactly how many GP surgeries were directly affected, and health officials were concerned how computer systems would manage when they reopened after the attack.
read more

By Author

Verizon finds that one in ten data breaches went undetected last year

After a year filled with data breaches left right and centre, the reports containing breach statistics are enough to make anyone feel uneasy.

The American TV phone and internet provider Verizon instructed their security research division to look into 2,260 breaches reported by various organisations and companies. Having seen data breaches take a centre spotlight in the news throughout 2016, the results don’t surprise us; but they are nonetheless worrying…
read more

By Author

Salaries of 240 staff affected in the 2015 Plymouth University Data Breach resurfaces

There has been a serious breach at Plymouth University which has seen more than 200 staff members’ salaries leaked.

An investigation, undertaken by Plymouth University solicitors, is well under way. It transpires that a confidential spreadsheet noting 240 senior staff members’ salaries was erroneously sent to an incorrect email address in June 2015.
read more

By Author