Welcome To The Data Leak Lawyers Blog
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
A lack of data training is an easy open goal for data breaches and cybersecurity incidents. It’s not a viable defence to a claim for compensation.
Over the years we’ve been helping people, thousands of victims have asked for our help for data breaches, leaks and hacks. We can tell you from years of experience that a common cause of incidents can sometimes be a simple issue of a lack of training. Even though data breaches are always in the news, and the risk of a cybersecurity incident has probably never been higher, data protection training is still not a priority for some.
I’ve spoken to friends and family for some insight as well, and there are still way too many organisations not treating it seriously; despite GDPR. For a victim who must make a claim for data breach compensation, a lack of training is no excuse to deflect a claim.
We’ve started taking cases forward on a No Win, No Fee basis for victims of the PFEW cyber attacks that were announced recently.
Some 120,000 police employees may have been affected by this data breach, spanning 40 different forces. The PFEW (Police Federation of England and Wales) cannot determine whether any information was exposed, so on the basis that it cannot be ruled out, we’ve agreed to take cases on.
Another key factor is that there were two separate incidents that spanned over a number of weeks. The first incident took place on 9th March 2019, and the second took place on 21st March 2019. It’s believed that the attacks were a part of a wider operation as opposed to specifically targeting PFEW.
A recent prosecution has taken place over the V12 Sports and Classics data breach incident where a former employee of the company has been found guilty of breaking the law.
In this case, the former employee (32-year-old Jayana Morgan Davies) reportedly forwarded work emails that contained the data of customers and colleagues to her personal account. She resigned from her position a few weeks later, which suggests a specific motive for the illegal processing of the data she misused.
The incident is said to have taken place in August 2017. It has led to a successful prosecution from the ICO (the Information Commissioner’s Office).
It’s understood that a Bromford data breach incident occurred last year after the housing association accidentally sent letters to the old addresses for hundreds of tenants.
News of the breach comes from the media outlet Inside Housing. The error appears to be linked to some form of system issue where the old addresses for some tenants was copied into a new system. Some 30,000 letters were then sent to tenants in relation to rent reviews, and it’s believed that 253 of them were sent to the wrong (old) address.
After concerned tenants contacted the company about issues receiving their letters, the mistake was discovered. By then, the damage had already been done.
There has been a prosecution for a worrying Nuneaton and Bedworth Council data breach that’s an example of how employees can exploit the data they can access.
In this incident, former head of building control at the council, Kevin Bunsell, shared personal information about job applications with his partner. His partner had applied for the same job that the candidates whose data was shared had applied for, and she won the position.
Although we can only speculate as to the motives, we can assume that the reasons for sharing the data were to assist his partner in securing the position which she was eventually awarded.
We may see a Marriott GDPR fine applied after the monumental breach that was discovered last year, given the volume of people affected and the nature of the breach.
As many as 500 million people were affected, with data said to have been compromised between 2014 and 2018. An unauthorised third-party is said to have accessed the guest reservation table fore the Startword division of the company. Data exposed in the breach included a lot of personal and account data.
The breach lapses over GDPR coming into force in May 2018. That means that the ICO (Information Commissioner’s Office) could issue a fine that equates to 4% of the Marriott’s global annual turnover.
The dangers of the Quora data breach cannot be understated, especially when the incident reportedly affected up to 100m users!
Just yesterday we wrote about the issue of reusing passwords and user credentials across multiple sites. Doing so can put you at far greater risks than you may even realise. One of the key things it means is that your credentials breached in an attack could be used to break into other platforms you use. Facebook is a prime example with billions of users and a feature that lets you log into other platforms using your Facebook credentials.
On that basis, the dangers of an incident like this Quora one simply cannot be understated.
Thousands of people have contacted us for help with data breach claims. Victims can be entitled to make a claim for compensation. The risks of reusing passwords is one of the first things people may need to consider.
The advice is to never reuse the same passwords and user credentials across different platforms. Despite this, people still do it. It means that being the victim of one simple breach could lead to several accounts being accessed. In fact, it could even mean those credentials are used to hack into a business you are employed with.
There’s a great deal that many people may not consider when it comes to reusing passwords and usernames. The mindset needs to change!
An issue that has led to a number of NHS fax data breach incidents has been reported, after mix-ups with a similar fax number has led to information going astray.
NHS data breach compensation cases are some of the more common types of claims our expert team help people with. A lot of the data breaches are caused by such simple errors that can be easily avoided. Despite this, they happen way too frequently.
The news of the fax mix ups is another example of this and comes to light after the accidental recipients of the data contacted NHS England about the incidents.
The NHS fax data breach issue reportedly stems from GP surgeries and pharmacies accidentally sending data to the wrong number. The number they have been sending information to in some cases belongs to a hotel group who has then been receiving the faxes incorrectly.
Some of the data that has been sent to the wrong fax number includes medication requests, certificates and dispensing vouchers.
It’s understood that the fax number for the hotel group is similar to the ones used to send information within the healthcare system. The hotel group has notified the Corporate Information Governance Team for NHS England.
As a result of these NHS fax data breach issues, NHS England has reportedly reminded GP surgeries and pharmacies about the importance of checking numbers. As some have recently called for a move away from faxes and pagers within the NHS, it’s claimed that this fax system is apparently the only way of sending this data within the healthcare system.
It sounds like something needs to change.
Any medical data breach can cause a huge amount of distress to the victims. When we see these simple errors over incredibly personal and sensitive data, it’s clear to us that more needs to be done.
As a firm of lawyers who specialise in data leak cases, we know how bad a breach can be for the victim. It’s important for these simple and avoidable data breaches are stamped out.
Warnings have been issued over a 2017 Basingstoke and Deane Borough Council data breach incident that was said to have been particularly sensitive.
The warnings have come from both the authority itself as well as the UK’s data watchdog, the Information Commissioner’s Office (ICO).
The incident took place before the introduction of last year’s vital GDPR. The incident still amounted to a serious data protection breach and could have led to criminal prosecutions and huge fines faced by the council.
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
