Category: Data Breach Compensation
Affecting around nine million customers, the easyJet cyberattack was one of the biggest data security incidents of last year. In May, it was reported that easyJet had identified an attack in January, described as “highly sophisticated” in a statement to the media.
While many had travel and contact details exposed, there were also some victims who had their financial information accessed. Regardless of the type of details exposed, millions were made vulnerable to security risks that they would not have faced had easyJet succeeded in defending the attack.
We began taking on claims soon after the attack was announced, and we are continuing to support those victims who want to claim the compensation they deserve. You have a right to expect that your data is stored securely by third parties, and where data controllers fail in their legal obligations, you could be eligible to recover thousands of pounds in compensation. If you were a victim of the easyJet cyberattack, as we mark one year passing since news of the breach, you can still claim now – No Win, No Fee.
In 2018, British Airways suffered two data breach incidents, affecting hundreds of thousands of customers. The breaches both subjected personal data to unauthorised access by hackers, leaving victims vulnerable to scams and fraud. We have been taking on British Airways data breach claims since 2018 and are taking forward a large group of Claimants, so we are determined to see that as many victims as possible can access the justice they deserve.
The deadline to join the group action has already been extended to June, which means victims only have a few weeks left to start their claim as things stand. Those affected could be entitled to thousands of pounds in compensation, and you can sign-up for a No Win, No Fee legal case on the BA Group Action website here.
As leading data breach and consumer action lawyers, we are here to help.
Reports have recently emerged alleging that Foxtons Group, one of Britain’s largest estate agents, was aware that masses of financial data belonging to their customers had been reportedly exposed on the dark web but neglected to notify their customers. The news of the Foxtons Group data breach issues first emerged following a malware attack on the estate agency in October last year, after which it was stated that “sensitive data” had not been exposed. Foxtons then reportedly learned in January that private information had found its way to the dark web, but it reportedly failed to make customers aware of this fact, leaving it to news outlets to publish the allegations.
We believe that, on the face of things, the reported inaction of Foxtons Group is a significant cause for concern. It is worrying for customers to learn that their data may have been being misused by cybercriminals without their knowledge that it had even been stolen.
Whether it brings a healthcare organisation to a standstill, or causes the exposure of swathes of patient medical records, a health data breach can have serious repercussions.
In fact, the impact of a cyberattack can be worsened if the healthcare organisation in question does not have the appropriate security defences in place.
Every business or organisation is legally required to protect the personal data under their supervision, so data controllers can be held responsible if they breach this duty. We aim to help anyone who has fallen victim to a data breach to claim the compensation they deserve. This is not only to see justice done, but to also to make sure that organisations are dissuaded from acting carelessly again.
Current and former employees have recently been notified of the Arup data breach, after the company was reportedly made aware of a cybersecurity incident at its third-party payroll provider.
Following routine procedure, we understand that Arup has sent a data breach notification email to those affected, informing them of information that may have been compromised by the breach. Anyone paid by Arup via payroll over the past three years could potentially have been affected.
We believe that those affected by the Arup data breach may be eligible to recover compensation for any harm caused by the exposure of their private information. Data controllers have a legal obligation to protect the information in their possession. Where this duty is not upheld, companies can be liable to pay compensation amounts. If you have been contacted by Arup regarding your involvement in the Arup data breach, you can contact us to receive advice on your right to claim.
A recent report by HoldtheFrontPage has revealed that the Midlands News Association has been hit by a data security incident. The incident allegedly allowed an unauthorised third party to access the private details of journalists hired by the regional newspaper company.
The company does not appear to have disclosed the number of affected victims, but it has been revealed that information relating to the journalists has reportedly already been published online. Whenever a data breach occurs, the data controller responsible for the breach could be liable to pay compensation. Those who had their data exposed from the Midlands News Association may, therefore, be eligible to make a claim on a No Win, No Fee basis.
If you have been informed that your data was affected, we are happy to offer free and no-obligation advice on your potential eligibility for a compensation claim.
Reports have recently emerged detailing the events of the Fat Face data breach, following the company’s decision to send out an email to affected customers. Victims were reportedly told to keep the information about the incident private.
The data breach itself is understood to have occurred in January, but it was not until the end of March that customers learned of the exposure of their information. Investigations by Fat Face has established that some systems were reportedly subjected to unauthorised access, affecting both customer and employee data. It has also been alleged that Fat Face paid a ransom to a cybercrime gang, though neither the company nor the ICO, the data protection regulator, appear to have confirmed this claim.
Those who have had their private information exposed in the Fat Face data breach may be able to recover compensation for the harm caused. Everyone has a right to adequate data protection. If companies fail in this duty, they can be liable to issue pay-outs to those affected.
As a firm of data breach claims solicitors, we are steadfast in our determination to help data breach victims to achieve justice for the untold distress and loss they have suffered. The Data Breach Lawyers is often at the forefront of new, evolving areas of data protection law, aiming to make sure no one who has their legal rights breached is left behind.
Developing our expertise over a number of years, our knowledge of this niche area of law is what allows us to be such staunch defenders of our clients’ legal rights. Unfortunately, many businesses and organisations continue to fail to protect personal data, but we know how to apply our skills and experience to make sure that they are held to account.
From the 56 Dean Street Clinic breach, to the huge group action against British Airways, our data breach experience spans several years. Read on to find out more about our ground-breaking work in this area of law.
SITA, an IT systems provider for much of the aviation industry, recently encountered a cyberattack described as “highly sophisticated”, which provoked a leak of passenger data from its servers at the end of February. The SITA data breach was monumental in scale, affecting hundreds of thousands of customers across several notable airlines.
Affected airlines included those under the Star Alliance group, such as Lufthansa and Singapore Airlines. It also included British Airways, which is currently the subject of our group action following two seismic data breaches in 2018.
The travel industry has long been targeted by cybercriminals. Examples include the Marriott data breach and the easyJet data breach, so it is unsurprising that hackers have sought to steal further information by attacking a company that serves so much of the global aviation industry. The breach is not believed to have exposed any highly sensitive data, but it must act as a wake-up call to airlines and other travel companies. The sector must now look to protect data from an incoming wave of sophisticated cyberattacks.
Email and phone scams continue to become more pervasive and varied as cybercrime grows, and one of the latest forms involves scammers claiming to work for Virgin Media.
The telecoms company has issued a warning in response to the reports of the fraudulent communication. Virgin Media suffered a notable data breach last year, and we are currently taking on claimants in a group action against the company. However, there is no evidence that these scammers are linked to the data breach, but there is a good reason as to why we need to look at how the two could, even if in theory, be linked.
Personal data is a valuable commodity to fraudsters, and there is a lot of money to be made by the theft and resale of private information. With a few simple contact details, scammers may be able to manipulate unsuspecting victims into handing over further personal data. This has happened before with data breaches and scammers have targeted victims, even passing themselves off as the breached company by exploiting exposed information. This is why it is important to talk about these issues in the context of a breach.
Our information is being increasingly shared for commercial purposes to businesses who use it to provide us with goods and services. However, local government bodies also process and store huge amounts of our personal data. Their need to monitor and manage the local community means that councils often require access to highly sensitive information. In the event of a local authority data leak, the consequences can be severe.
The important duties that they owe to residents do not appear to prevent local authorities from breaching data protection regulations. It is not acceptable that branches of government should neglect the law of the central government they are linked to, particularly in cases where their residents are exposed to significant data security risks.
We have represented clients in many local authority data leaks compensation claims. Anyone affected by a data breach such as this can contact us for free, no-obligation advice about No Win, No Fee representation.
Not long into the new academic year, the Northumbria University cyberattack shook the campus IT systems in early September 2020, forcing those at the top to close the campus and postpone scheduled exams.
It remains unclear whether any long-lasting damage was caused by the attack. In our experience as data breach lawyers, we have seen large-scale attacks such as this endanger or expose significant quantities of personal information.
Northumbria is not the first university to have experienced such an attack, a fact that highlights the particular vulnerability of higher education institutions to such malicious cybercrime. In university cyberattacks, employees and students can be adversely affected by the exposure of their personal data, for which they are often able to make a compensation claim. If it emerges that Northumbria University failed to protect personal data, we may be able to help anyone affected.