Arup data breach caused by cybersecurity incident at payroll provider

government issue warning about oncoming gdpr

Current and former employees have recently been notified of the Arup data breach, after the company was reportedly made aware of a cybersecurity incident at its third-party payroll provider.

Following routine procedure, we understand that Arup has sent a data breach notification email to those affected, informing them of information that may have been compromised by the breach. Anyone paid by Arup via payroll over the past three years could potentially have been affected.

We believe that those affected by the Arup data breach may be eligible to recover compensation for any harm caused by the exposure of their private information. Data controllers have a legal obligation to protect the information in their possession. Where this duty is not upheld, companies can be liable to pay compensation amounts. If you have been contacted by Arup regarding your involvement in the Arup data breach, you can contact us to receive advice on your right to claim.

The data exposed in the Arup data breach

The data breach notification letter sent by Arup indicates that many of the current and former employees might have been affected by the data breach. While Arup states that it is continuing to investigate the incident with the payroll provider, they have been able to establish that two categories of employees were affected, we understand, and they have detailed the specific details that may have been compromised.

The Arup employees (both current and former) who were paid via payroll between 1st November 2018 and 31st January 2020 are said to have potentially had the following details exposed:

  • first names and surnames;
  • addresses;
  • gender;
  • bank account numbers;
  • sort codes;
  • National Insurance numbers;
  • dates of birth.

The Arup data breach may also affect those who have recently joined the company. It has been reported that new employees who joined between 1st February 2020 and 31st January 2021 may be facing the exposure of their surnames, bank account numbers and sort codes.

The potential consequences for the victims

Those affected by the Arup data breach may now be confronted with the stress and anxiety of managing the risks and the consequences of data misuse. In the current landscape of data crime, all the exposed payroll data could facilitate cybercrime such as identity theft and fraud.

In their letter to employees, Arup bosses have stressed the risk of bank account fraud, advising those affected to liaise with their banks and to remain vigilant for any unauthorised activity on their accounts.

Data breach compensation claims

If you were affected by the Arup data breach, there is a chance for you to seek justice by making a compensation claim. We can investigate your data breach case to identify any potential data protection negligence that may give rise to a claim for you. Where we can establish negligence, victims could be in line for thousands of pounds in compensation.

We have been dealing with privacy matters since 2014, so you can trust that we have the experience to handle your claim expertly and sensitively. To receive free, no-obligation advice on your potential compensation claim, contact us today or register your details in our online call-back form.

IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.

Request a Callback from our team!

Fill out our quick call back form below and we’ll contact you when you’re ready to talk to us.
All fields marked * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.