As it is every year, Cybersecurity month 2021 is the time to take stock in terms of where we are when it comes to data protection and ensuring that our private and personal information is protected.
Victims of a data breach, including a cyberattack, can be eligible to claim compensation by law. Most people claim for the distress caused by the loss of control of their personal information. With so many big breaches and large hacks taking place in recent times, it is easy to see how we now represent thousands across over 50 data actions that we have launched.
Cybersecurity month 2021 reminds us all that our work continues to be incredibly important.
Steris, a US company that provides a range of medical products and services, was hit with a cybersecurity incident in late 2020. The Steris data breach was reportedly part of the collateral damage of the Accellion cyberattack, in which hackers breached the well-known technology company’s systems.
Among Accellion’s products and services is their FTA (File Transfer Appliance), which they sell to business customers to provide them with a secure means of moving digital files. However, the integrity of this application was compromised when it was subjected to an external hack, which has since been linked to the exposure and potentially the publication of private information.
Not only has the error compromised data security, the event could also put a strain on Accellion’s business relationships. The Accellion cyberattack and resultant Steris data breach demonstrate the damage that could be done to a company’s reputation when data protection breaches occur.
The Twitch data leak has been widely reported in the media over the last week, with the earnings and pay-out information for streamers being exposed.
So far, the Amazon-owned platform is saying that the data breach arose from a server configuration issue, but hackers have also reportedly claimed responsibility for leaking exposed information. It is understood that a list of pay-out details for streamers is doing the rounds on social media and on the web, and all evidence points toward the list being accurate.
For a platform that has prided itself on confidentiality when it comes to the earnings and pay-out information for its streamers, this data breach is alarming. For anyone who is affected in England and Wales, here is some legal advice for you.
In March 2020, news of the Virgin Media data leak revealed that as many as 900,000 UK people (mainly customers) had had their information exposed due to a system insecurity. The data protection errors that occurred within the company came with serious consequences, causing those affected to potentially become vulnerable to data misuse.
In accordance with UK data protection law, every citizen has rights that can protect them in the aftermath of a data breach. These rights can be asserted in a data breach compensation claim to ensure that third-party data controllers cannot get away with needless errors and negligence.
We believe all those affected by the Virgin Media data breach could be eligible to claim compensation for any harm caused, which is why we have launched a group action to see that justice is done. Our experience in high-profile data breach group actions means that we are well equipped to lead claims to fruition. If you were notified of your involvement in the Virgin Media data leak, we encourage you to join our action, as you may be able to recover thousands of pounds in compensation.
In July, it was reported that a popular UK site designed for the sale and purchase of guns has been targeted by hackers. As a result of the Guntrader data breach, the personal safety of a number of gun owners may have been put at risk, with the exposed information potentially facilitating targeted criminal activity.
Hackers seeking to misuse personal information will often seek the most sensitive details that they can find, as this often proves to be more profitable. With cybercriminals growing in strength and enhancing their methods, it is vital that organisations in possession of personal data protect it in accordance with the law. Where they fail to do so, they could be held liable for a breach of the GDPR.
At The Group Action Lawyers, we have seen countless data breaches hit the headlines over the years, and we aim to use our expertise to help victims access the compensation that they deserve. If you have been affected by the Guntrader data breach, you may be able to make a data breach claim, and we can offer advice to any victims on their potential eligibility.
Resulting from a seismic cyberattack, the Equifax data breach was one the largest seen in recent memory. Hitting around 145 million US customers, the breach also affected approximately 700,000 UK customers. In response, we decided to launch a group action to hold Equifax to account and to claim compensation for the UK victims. Anyone who was notified of their involvement in the breach by Equifax may be able to make an Equifax data breach claim.
As an international credit reference agency, Equifax holds a wealth of personal information, much of which is highly sensitive. As a result of the data breach, millions upon millions of consumers were exposed to threats of information misuse and fraud, all of which was provoked by Equifax’s failure to patch a known cybersecurity vulnerability.
The importance of holding Equifax to account must not be underestimated. We hope that our group action will bring fair compensation to the victims, and will also send a message to Equifax and other data controllers that such negligence will not be tolerated.
In July, it was three years since the NHS Digital data breach was first reported. This was a wide-reaching data protection incident in which tens of thousands of people had their personal information misused. NHS Digital was found to have caused personal data misuse after a system error denied patients the ability to choose how their information was processed and used.
Every patient should be able to exercise control over the use of their confidential health information, so the NHS Digital data incident represents a significant breach of patients’ data protection rights. It is for this reason that many patients affected by the incident could be eligible to claim compensation, and we are working on behalf of victims on a No Win, No Fee basis.
We began to offer advice to potential claimants soon after the breach was reported, and we will continue to help as many victims as we can. However, given that three years have passed, claims may be different for anyone only just bringing one now, and further dates can prevent more victims from making a claim. As we often say, it is important that you seek advice as soon as possible if you were affected.
Due to the nature of data breaches, it is often the case that many people are affected by the same incident. One system insecurity can leave swathes of private information vulnerable, and even a momentary human error can cause irrevocable information exposure. For data breach incidents that involve dozens or even thousands of victims, we may decide to launch data group actions.
As specialists in group actions, we know how powerful a force we can create when we collect all the claims together in one lawsuit. We know that group litigation can seem like a complex and unfamiliar area of law to some of our clients, but we can assure you that we handle each claimant’s case with efficiency and minimal stress to you.
Having developed a specialism in data breach claims, our firm has brought group actions in response to many major data breaches, such as those which occurred at British Airways, Virgin Media, and Equifax. We believe that group litigation is the key to holding companies to account for data protection negligence, and we encourage anyone affected by a data breach to join us in our pursuit of justice.
Three years ago, survey company Typeform reported that it had been the victim of a hack, causing a breach of the information it stored for its customers. Becoming aware of the issue in late June, Typeform is understood to have found that a hacker had been able to steal from its backup of personal data. Those who were affected by data exposure due to the incident may be able to recover compensation as part of our Typeform data breach claim group action.
No one should be put in the position of having their data made vulnerable to unauthorised access and potential criminal misuse, so organisations must do everything in their power to safeguard the information that they hold. Where companies fail to protect personal data, this can constitute a breach of data protection law, and those affected can be eligible to make a compensation claim.
Anyone who was notified of their involvement in the Typeform incident can come to us for expert advice on their potential eligibility for a claim. We have been helping a number of others for a while now and claimants can be eligible for No Win, No Fee legal representation.
If you are a customer of AX, you may have recently been contacted regarding the data breach that affected the company’s files. It is understood that the AX data breach occurred earlier this year in January, after an unauthorised third party managed to access private information held by the company.
AX, formerly known as Accident Exchange, provides vehicle hire services to those who have been involved in road traffic accidents. It may be that some of AX’s customers are involved in ongoing insurance or personal injury claims arising from their accidents, so it could be highly distressing for such victims to hear that information relating to these incidents might have been exposed.
Your personal information should never fall into the hands of an unauthorised third party but, unfortunately, some data controllers still fail to protect personal information from theft or loss. If you have been the victim of an incident like this, you may be eligible to start a compensation claim, so contact our team for advice if you think you have a case.
Three years have passed since the Ticketmaster data breach, which affected the private information of a huge number of customers. An external hacker was able to compromise Ticketmaster’s wider systems, allowing them to steal personal details and payment data from customers making online bookings. The wide-reaching impact of this breach must be accounted for, which is why we are still pursuing our Ticketmaster data group action, aiming to help those affected by the incident to claim the compensation that they deserve.
All third-party organisations in possession of personal information must abide by the regulations set out in data protection law. Where they fail to do so, their actions (or inaction) could be regarded as a data protection breach, and those affected could then be entitled to claim compensation for any harm caused.
If you were adversely impacted by the Ticketmaster data breach, you can assert your rights using data protection law by making a compensation claim. We can offer free, no-obligation on your eligibility for a claim, and can get your claim underway swiftly if we think you could be entitled to compensation.
It has recently been reported that one group of claimants in the British Airways group action have reached a settlement with the opposition. The action against the airline was initiated in response to their 2018 data breaches, in which hundreds of thousands of customers had their data subjected to unauthorised access. Although this initial British Airways data breach claim settlement has taken place, our claims against BA will continue until we win our clients the compensation that they deserve.
One law firm decided to negotiate a settlement of their claims, but due to an agreement of confidentiality, the number of the claims settled and the values of the compensation pay-outs have not been publicised. However, when compared with the 420,000 people affected by the data breach, we estimate that only a small subset of those affected have been awarded compensation so far.
We are continuing to pursue our legal action against BA, and we are confident that we will be able to succeed with the action and obtain damages for our clients. If you have yet to make a claim, make sure to start your legal case here now to avoid missing out.