Welcome To The Data Leak Lawyers Blog
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
The Windrush data breach incident that happened on 7th April 2019 has forced changes to be adopted by the Home Office following the leak of information surrounding the compensation scheme.
Earlier this month, mass emails were sent out to people taking part in the Windrush compensation scheme, as well as other interested parties. Emails were reportedly sent out in batches of 100, and the first five batches are understood to have resulted in a data breach. Yet again, this was another case where recipients of the email could see each other’s information.
This kind of incident has happened so many times before, and it triggered one of the more severe compensation actions we’re involved ion; the 56 Dean Street Clinic leak. Changes are now set to be made.
The Information Commissioner’s Office (ICO) has issued a fine of £400,000.00 having concluded their investigations into the significant Bounty data breach.
We’ve already been contacted for help and taken claims for data breach compensation forward on a No Win, No Fee basis since news of the fine broke in the media. As many as 14 million individuals may have had their personal data shared, including new mothers and infants by extension.
The ICO has established that Bounty failed to properly inform users that their data would be shared for marketing purposes. The findings also confirmed that no one was able to give proper and informed consent as well.
A lack of data training is an easy open goal for data breaches and cybersecurity incidents. It’s not a viable defence to a claim for compensation.
Over the years we’ve been helping people, thousands of victims have asked for our help for data breaches, leaks and hacks. We can tell you from years of experience that a common cause of incidents can sometimes be a simple issue of a lack of training. Even though data breaches are always in the news, and the risk of a cybersecurity incident has probably never been higher, data protection training is still not a priority for some.
I’ve spoken to friends and family for some insight as well, and there are still way too many organisations not treating it seriously; despite GDPR. For a victim who must make a claim for data breach compensation, a lack of training is no excuse to deflect a claim.
We’ve started taking cases forward on a No Win, No Fee basis for victims of the PFEW cyber attacks that were announced recently.
Some 120,000 police employees may have been affected by this data breach, spanning 40 different forces. The PFEW (Police Federation of England and Wales) cannot determine whether any information was exposed, so on the basis that it cannot be ruled out, we’ve agreed to take cases on.
Another key factor is that there were two separate incidents that spanned over a number of weeks. The first incident took place on 9th March 2019, and the second took place on 21st March 2019. It’s believed that the attacks were a part of a wider operation as opposed to specifically targeting PFEW.
A recent prosecution has taken place over the V12 Sports and Classics data breach incident where a former employee of the company has been found guilty of breaking the law.
In this case, the former employee (32-year-old Jayana Morgan Davies) reportedly forwarded work emails that contained the data of customers and colleagues to her personal account. She resigned from her position a few weeks later, which suggests a specific motive for the illegal processing of the data she misused.
The incident is said to have taken place in August 2017. It has led to a successful prosecution from the ICO (the Information Commissioner’s Office).
It’s understood that a Bromford data breach incident occurred last year after the housing association accidentally sent letters to the old addresses for hundreds of tenants.
News of the breach comes from the media outlet Inside Housing. The error appears to be linked to some form of system issue where the old addresses for some tenants was copied into a new system. Some 30,000 letters were then sent to tenants in relation to rent reviews, and it’s believed that 253 of them were sent to the wrong (old) address.
After concerned tenants contacted the company about issues receiving their letters, the mistake was discovered. By then, the damage had already been done.
There has been a prosecution for a worrying Nuneaton and Bedworth Council data breach that’s an example of how employees can exploit the data they can access.
In this incident, former head of building control at the council, Kevin Bunsell, shared personal information about job applications with his partner. His partner had applied for the same job that the candidates whose data was shared had applied for, and she won the position.
Although we can only speculate as to the motives, we can assume that the reasons for sharing the data were to assist his partner in securing the position which she was eventually awarded.
We may see a Marriott GDPR fine applied after the monumental breach that was discovered last year, given the volume of people affected and the nature of the breach.
As many as 500 million people were affected, with data said to have been compromised between 2014 and 2018. An unauthorised third-party is said to have accessed the guest reservation table fore the Startword division of the company. Data exposed in the breach included a lot of personal and account data.
The breach lapses over GDPR coming into force in May 2018. That means that the ICO (Information Commissioner’s Office) could issue a fine that equates to 4% of the Marriott’s global annual turnover.
The dangers of the Quora data breach cannot be understated, especially when the incident reportedly affected up to 100m users!
Just yesterday we wrote about the issue of reusing passwords and user credentials across multiple sites. Doing so can put you at far greater risks than you may even realise. One of the key things it means is that your credentials breached in an attack could be used to break into other platforms you use. Facebook is a prime example with billions of users and a feature that lets you log into other platforms using your Facebook credentials.
On that basis, the dangers of an incident like this Quora one simply cannot be understated.
Thousands of people have contacted us for help with data breach claims. Victims can be entitled to make a claim for compensation. The risks of reusing passwords is one of the first things people may need to consider.
The advice is to never reuse the same passwords and user credentials across different platforms. Despite this, people still do it. It means that being the victim of one simple breach could lead to several accounts being accessed. In fact, it could even mean those credentials are used to hack into a business you are employed with.
There’s a great deal that many people may not consider when it comes to reusing passwords and usernames. The mindset needs to change!
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
