Welcome To The Data Leak Lawyers Blog
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
We’re coming up to the first anniversary of the data law changes next month. Many are still unaware as to how GDPR and compensation claims work, and what the relationship is.
As data breach compensation experts, we can answer the key questions for you.
GDPR and compensation claims can go hand-in-hand, but they can also be viewed as two separate things. The new legislation has made the reporting of data breaches a bigger burden, which has led to an influx of reports since the law changes took place. GDPR can also place a greater burden for accountability when it comes to breaking data laws, and there’s the potential for huge fines.
But compensation is usually something that’s separately pursued to any involvement from the Information Commissioner’s Office (ICO). And that’s why we’re here.
You may have heard about the We-vibe app class action in the U.S., where the makers of the sex toy have been ordered to pay millions in compensation.
In the U.K., we’ve been running our own legal action since news of the data breach hit the headlines a few years ago. This is one of the dozens of different data breach actions our lawyers are fighting for justice in, and we act for a large group of victims claiming data breach compensation as a victim of the We-vibe app breach.
Although we’ve been acting for people for a number of years, it’s not too late to join the action if you’ve yet to sign up. In the U.K., the case is at a different stage to that of the U.S.
There are rising financial services data breach incidents, according to the number of reports that have been made to the Financial Conduct Authority (FCA).
In 2018, it’s understood that the number of data breaches that had been reported to the FCA had increased by a monumental 480%.
With May 2018 seeing the introduction of the new GDPR rules, punishments that can be issued for data incidents can amount to millions. On top of that, victims can be entitled to make a claim for compensation. Financial services data breach compensation amounts can be high, depending on the nature and severity of the incident.
The Windrush data breach incident that happened on 7th April 2019 has forced changes to be adopted by the Home Office following the leak of information surrounding the compensation scheme.
Earlier this month, mass emails were sent out to people taking part in the Windrush compensation scheme, as well as other interested parties. Emails were reportedly sent out in batches of 100, and the first five batches are understood to have resulted in a data breach. Yet again, this was another case where recipients of the email could see each other’s information.
This kind of incident has happened so many times before, and it triggered one of the more severe compensation actions we’re involved ion; the 56 Dean Street Clinic leak. Changes are now set to be made.
The Information Commissioner’s Office (ICO) has issued a fine of £400,000.00 having concluded their investigations into the significant Bounty data breach.
We’ve already been contacted for help and taken claims for data breach compensation forward on a No Win, No Fee basis since news of the fine broke in the media. As many as 14 million individuals may have had their personal data shared, including new mothers and infants by extension.
The ICO has established that Bounty failed to properly inform users that their data would be shared for marketing purposes. The findings also confirmed that no one was able to give proper and informed consent as well.
A lack of data training is an easy open goal for data breaches and cybersecurity incidents. It’s not a viable defence to a claim for compensation.
Over the years we’ve been helping people, thousands of victims have asked for our help for data breaches, leaks and hacks. We can tell you from years of experience that a common cause of incidents can sometimes be a simple issue of a lack of training. Even though data breaches are always in the news, and the risk of a cybersecurity incident has probably never been higher, data protection training is still not a priority for some.
I’ve spoken to friends and family for some insight as well, and there are still way too many organisations not treating it seriously; despite GDPR. For a victim who must make a claim for data breach compensation, a lack of training is no excuse to deflect a claim.
We’ve started taking cases forward on a No Win, No Fee basis for victims of the PFEW cyber attacks that were announced recently.
Some 120,000 police employees may have been affected by this data breach, spanning 40 different forces. The PFEW (Police Federation of England and Wales) cannot determine whether any information was exposed, so on the basis that it cannot be ruled out, we’ve agreed to take cases on.
Another key factor is that there were two separate incidents that spanned over a number of weeks. The first incident took place on 9th March 2019, and the second took place on 21st March 2019. It’s believed that the attacks were a part of a wider operation as opposed to specifically targeting PFEW.
A recent prosecution has taken place over the V12 Sports and Classics data breach incident where a former employee of the company has been found guilty of breaking the law.
In this case, the former employee (32-year-old Jayana Morgan Davies) reportedly forwarded work emails that contained the data of customers and colleagues to her personal account. She resigned from her position a few weeks later, which suggests a specific motive for the illegal processing of the data she misused.
The incident is said to have taken place in August 2017. It has led to a successful prosecution from the ICO (the Information Commissioner’s Office).
It’s understood that a Bromford data breach incident occurred last year after the housing association accidentally sent letters to the old addresses for hundreds of tenants.
News of the breach comes from the media outlet Inside Housing. The error appears to be linked to some form of system issue where the old addresses for some tenants was copied into a new system. Some 30,000 letters were then sent to tenants in relation to rent reviews, and it’s believed that 253 of them were sent to the wrong (old) address.
After concerned tenants contacted the company about issues receiving their letters, the mistake was discovered. By then, the damage had already been done.
There has been a prosecution for a worrying Nuneaton and Bedworth Council data breach that’s an example of how employees can exploit the data they can access.
In this incident, former head of building control at the council, Kevin Bunsell, shared personal information about job applications with his partner. His partner had applied for the same job that the candidates whose data was shared had applied for, and she won the position.
Although we can only speculate as to the motives, we can assume that the reasons for sharing the data were to assist his partner in securing the position which she was eventually awarded.
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
