Welcome To The Data Leak Lawyers Blog

“Target” to pay $18.5 million settlement for 2013 data breach

Target has agreed to pay out a whopping $18.5 million to U.S customers after a nationwide data breach.

Millions of customers had their personal information compromised back in 2013.

The data breach affected customers’ contact, account, and billing information. It’s believed that a total of 60 million customers were affected.
read more

By Author

DocuSign data breach puts users at risk

DocuSign – the company that lets users ‘sign’ documents digitally – has admitted they have been hacked.

During the data breach, hackers managed to take user email addresses, and cyber-criminals haven’t wasted any time as multiple users have already reportedly fallen victim to phishing emails.

The lack of delay means that DocuSign didn’t even have time to warn users that their information was compromised and to look out for “malicious third party” activity. Reportedly, users were enticed to click on a harmless looking Microsoft Word document, but the document contained certain malware to steal passwords and banking information.
read more

By Author

Ffrees customer personal information has been exposed in a data breach

Ffrees is an online banking service that lets customers transfer money into their Ffrees account for discounted shopping, where users may benefit from discounts on purchases in various shops

Recently, they have come under fire for data protection and compliance issues.

Ffrees have previously come under scrutiny for their terms and conditions, but now it seems the company has failed to secure their customers’ personal information following a cyber security incident.
read more

By Author

Most UK businesses expect to be a data breach victim this year

According to IT Pro Portal, the “majority of UK businesses expect a data breach this year”.

For those who follow this blog, this probably isn’t news at all…

In the past few years, data breaches are becoming so common that they’re almost a norm. Businesses in the UK are being targeted more and more; either directly or with certain malware worms that seek out vulnerable servers.
read more

By Author

Yahoo exposed for not cooperating with data breach investigations

Multinational technology company ‘Yahoo’ hasn’t seen the end to the ongoing criticisms since the first cyber-attack in 2013.

On 11^th May 2017, Germany’s federal cyber agency The German Federal Office for Information Security (BSI) noted Yahoo was being uncooperative in their investigation into a series of cyber-hacks that compromised approximately 1 billion accounts between 2013 and 2016.

According to the BSI, an additional 32 million Yahoo users were affected by cyber-breaches in 2015 and 2016, but have yet to hear of any cyber-breaches affecting Yahoo users in 2017.

When will it end?
read more

By Author

New York medical records discovered on an unsecured server

Medical records are known to be a treasure trove for hackers. Once cyber-criminals have access to these, they can sell them on the black market for up to $10 (£7.67) per record, according to Anthony James at U.S. security firm, TrapX.

But it seems cyber-criminals don’t have to hack into computer systems to access records as a ‘huge trove’ of confidential U.S. medical records were found on an unsecured server; accessible to malicious hackers and cyber-security professionals.
read more

By Author

Starbucks shifts data protection responsibility onto customers

The Starbucks saga continues…

Customers of Starbucks have been struck by multiple counts of fraudulent activity in recent weeks. Like many modern businesses, Starbucks was not prepared to be left behind in the digital world. So, they created an app where customers can easily purchase drinks and snacks on their phones. Around a third of all purchases are reportedly now made through this popular and easy to use app, and whilst the app is responsible for $1 billion worth of purchases, Starbucks have arguably overlooked key security measures.
read more

By Author

Are companies prepared enough to respond to a data hacks and breaches?

Though most organisations have cyber-security systems in place, the effectiveness of preventing potential incidents is highly questionable.

It seems the media is portraying how companies are becoming increasingly less prepared in the event of a cyber-attack. For the most part, their cyber-security seems to be reactive rather than proactive. However, this theory may not be completely unfounded as the Global CISO study shows that 78% of Chief Information Security Officers (CISOs) are worried about their ability to detect breaches in the first place.
read more

By Author

What legal basis did the Met Police have for disclosing 30,000 addresses?

In early May, the Metropolitan Police were accused of a ‘severe’ security breach when they disclosed 30,000 addresses of shotgun and firearm owners to a direct mail marketing agency, “Yes Direct Mail”.

The British Association for Shooting and Conservation (BASC) has now demanded an answer from the Commissioner of the Metropolitan Police, Cressida Dick, to clarify what legal basis they had for passing on the addresses of so many firearm and shotgun owners. Namely: under the Data Protection Act (DPA) and any wider guidelines surrounding privacy and marketing.
read more

By Author

Verizon finds that one in ten data breaches went undetected last year

After a year filled with data breaches left right and centre, the reports containing breach statistics are enough to make anyone feel uneasy.

The American TV phone and internet provider Verizon instructed their security research division to look into 2,260 breaches reported by various organisations and companies. Having seen data breaches take a centre spotlight in the news throughout 2016, the results don’t surprise us; but they are nonetheless worrying…
read more

By Author