The PageUp data breach affecting millions worldwide was another ‘here we go again’ moment as the mega breach, affecting a number of people throughout several countries, hit the news.
The Australian-based provider of cloud HR and recruitment software that’s used in almost 200 countries, including the UK, had its systems breached in May. We’ve already been approached for help and are taking compensation claims forward for UK victims.
Personal information, banking information and passwords are thought to have been potentially exposed in the PageUp data breach.
PageUp data breach advice for UK victims
If you are a UK victim of the PageUp data breach, we may be able to assist with a claim for data protection compensation.
We’ve already taken cases forward on a No Win, No Fee basis as we investigate the issues and look into whether there was more that the Australian-based company could have done to have secured their systems.
An organisation of its size and stature is a likely target for cyber-hackers, so we would expect that their systems would be safe and secure. Although nothing is completely impenetrable, this is a major attack that has exposed the personal and sensitive data of some two million people worldwide.
ICO investigating the PageUp data breach
The Information Commissioner’s Office (ICO) is investigating the PageUp data breach. It took place at the end of May and it was reportedly a coordinated attack on their IT systems in the UK, as well as in Australia and Singapore.
The attack apparently took place on 23 May 2018, which is just 48 hours before the new GDPR came into force. As such, PageUp may be counting themselves very lucky indeed; had the attack have happened just a couple of days later, they may have felt the full force of the GDPR powers that can allow the ICO to fine organisations up to £17m, or 4% of their turnover.
The breach was reportedly identified a few days later, so who knows, they may still face the GDPR wrath. Will the ICO count this as a GDPR-enforceable situation?
As we wait in the transition period of the new regulations coming into place, there are a few uncertainties over the punishments that may be handed out in data breach cases. The Dixons Carphone breach being one, where the data breach took place last year but was revealed this year.
The recent Ticketmaster data breach we’re helping victims claim for is certainly in the GDPR realms.