UK software company Sage has suffered a data breach which could have affected the personal information of employees at 280 businesses.
The breach is being investigated by the police, and Sage is looking into the unauthorised access of data where someone used an “internal” company computer login for access. It is unclear whether the information was stolen or simply looked at, but the incident allegedly took place nevertheless.
Investigating the Sage breach
Sage provides business software for accounting and payroll services in 23 countries to a lot of different firms. They are taking the breach seriously, and have notified businesses who have had their data breached, and advised them to be vigilant for any unusual activity.
With Sage having some 13,000 employees globally, the source of the hack could be hard to determine.
A Spokesperson from Sage has said:
“We are investigating unauthorised access to customer information using an internal login. We cannot comment further whilst we work with the authorities to investigate – but our customers remain our first priority and we are speaking directly with those affected.”
The police are investigating, and the Information Commissioner’s Office, who is responsible for the enforcement of the Data Protection Act 1998, has also been informed. The ICO can decide if Sage was negligent, and if they decide the company was, both criminal and non-criminal enforcement action can be taken.
Can you claim?
If you have been affected by the breach then you may be eligible for compensation if your personal information has been accessed without your consent.
Whether we can help you or not is usually dependent on things like the nature of the information that has been subject to the breach, and how this has affected you. You should be notified by either Sage or your employer, and you should be told what information of yours was involved in the breach.
We’ll look to bring more on the story as things develop…
Source: https://www.bbc.co.uk/news/business-37076704