Welcome To The Data Leak Lawyers Blog
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
We focus on the latest news surrounding data breaches, leaks and hacks plus daily internet security articles.
As we prepare ourselves for the General Data Protection Regulation, an updated version of the Data Protection Bill is making its way through Parliament. The bill will hopefully give people more control over their personal data and greater enforcement powers when organisations don’t keep it safe or misuse it.
In addition to this, the House of Lords changed the way reporters can obtain and use personal information in the name of public interest. This means individuals can make a claim for their private information not to be disclosed before it’s already plastered on the headlines.
Some news outlets are not happy about it!
read more
It seems the NHS can’t keep its staff under control as yet another worker has been found guilty of accessing sensitive medical records without authorisation.
Linda Reeves reportedly abused her position as a former data coordinator with access to the Trust’s patient database by rifling through medical records belonging to colleagues, friends and neighbours. She did not have any consent or authorisation from patients or her employer as the data controller.
Reeves has since resigned from her job at The University Hospitals of North Midlands NHS Trust.
read more
The Information Commissioner’s Office (ICO) issued Nottinghamshire County Council a fine of £70,000.00 for leaving sensitive personal data exposed online for half a decade.
The watchdog discovered the council’s ‘Home Care Allocation System’ (HCAS) was shared with care home providers using a simple link that did not require a username or a password.
The system contained a lot of personal information belonging to prospective and current care home users. Created in July 2011, the council was finally alerted to the security risk when a member of the public searched for HCAS online in June 2016 and found files readily accessible and completely unrestricted.
read more
Known for his portrayal of fictional character Alan Partridge, comedian Steve Coogan was the victim of a hacking scandal that led to details of his personal life published in newspapers, revealing intimate information about his family life, sexual encounters and alleged drug use.
Coogan is amongst dozens of other celebrities who have settled damages claims against Mirror Group Newspaper for reportedly hacking their phones to obtain private information to seemingly publish it in the media and, we assume, sell more papers.
It was a horrid scandal, and the levels of damages awarded goes to show the extent the courts are prepared to go to when people are the victim of malicious hacking.
read more
As technology in industry improves, many employees are being provided with more and more advanced devices and software to help for a more efficient workplace. From unified portals to mobile devices, employees are often given shiny new tools to work with all the time; but do they know how to use them safely?
A significant proportion of data breaches can result from employee mistakes: from accidental emails being sent, to uploading information online, and hackers targeting vulnerabilities to gain entry into customer databases. Cybersecurity experts have long identified employees as one of the weakest links when it comes to securing data in organisations.
read more
Uber Technologies Inc agreed a settlement with regulators last month after reportedly failing to protect customers from having their personal information accessed by company employees.
Investigations into the popular alternative taxiing service also found that Uber had perhaps been less than honest with the public about their data protection commitments.
Uber, now worth over £13 billion and offering services in 46 countries, have been accused of simply not caring about the data protection rights of their customers, instead simply focusing on profits. They’ve been accused of simply aiming to “amass the greatest database of consumer habits that the world has ever seen.”
read more
A recruitment manager at HomeServe Limited was prosecuted when it was discovered he’d been sharing personal information belonging to job applicants to a third party employment agency.
According to the Information Commissioners Office (ICO), the 39-year-old recruitment manager “sent copies of 26 CVs containing the personal data of applications seeking employment with HomeServe to an external recruitment firm, without a business need to do so”.
This is a clear breach of data protection laws.
read more
On the 11th August 2017 yet another NHS (now former) worker was fined by the Information Commissioner’s Office (ICO) for accessing sensitive health records belonging to family, friends and colleagues without authorisation.
She even disclosed information she found.
Brioney Woolfe worked at Colchester Hospital University NHS Foundation Trust as a Midwifery Assistant. The self-confessed ‘nosy’ midwifery assistant reportedly accessed 29 patient medical records, including the parents of her children’s school friends.
read more
As if the £400,000 fine last year was not enough, TalkTalk has been slapped with a £100,000 fine for reportedly breaching data protection laws over customer information.
Unlike the last fine which came off the back of countless customers’ information being exposed after a malicious hacking, TalkTalk is being fined for an alleged lack of information security, leaving customer data “open to exploitation by rogue employees.”
TalkTalk employees reportedly have access to a great deal of information, heightening the need for internal security measures.
read more
The Information Commissioners Office (ICO) has specifically reminded NHS staff not to access patient medical records without proper reason and / or proper authority. Illegally accessing, obtaining and/or disclosing patient medical records without permission is not only a violation of patient data protection rights, but also exposes the wrongdoer and the NHS to legal action and costly fines.
This latest ICO warning was prompted by a recent case where a former health care assistant accessed medical records belonging to several patients without a valid reason. Over a period of a year and a half, Brioney Woolfe reportedly accessed patient files belonging to 29 individuals, including her family members, colleagues and other patients.
read more
EasyJet admits data of nine million hacked
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
