October 2022 Data Breach Roundup
October has come to an end, but throughout the month there has been a number of data breaches across the UK and internationally, including the banking, insurance and government sectors.
Here you can find our brief monthly roundup of the data breaches our specialists supported clients with, along with other data breach incidents in the UK.
If you have suffered distress from a data breach, our expert lawyers can support you in making a compensation claim. Please don’t hesitate to get in contact with a member of the devoted and knowledgeable team at Hayes Connor.
Our recent work supporting victims of data breaches
Cyber attack impacts South Staffordshire Water
Current and former employees of South Staffordshire Water received correspondence about their personal data being impacted in a cyber attack.
The group responsible for the cyber attack released identification documents as proof of their involvement and demanded extortion payments to prevent the release. It is understood the data has since been leaked onto the dark web.
Examples of the sensitive data compromised include full names, bank account details and driving licences.
To read more about this story, click here.
The biggest data breaches uncovered in October 2022
Home Office sensitive documents left unattended
Sensitive Home Office documents left unattended in public London place lead to an official reprimand being issued to the Secretary of State for the Home Department (the Home Secretary), who is responsible for Home Office data controlling.
Staff members at an unnamed public venue in London found an unattended envelope with sensitive documents enclosed, including extremism analysis unit home office reports and a counter-terrorism policing report. This included the private information of several Metropolitan Police staff and other individuals.
an investigation determined the Home Office was the likely source.
To read more about this story, click here.
MI5 website taken offline through cyber attack
MI5, the domestic intelligence agency for Britain, suffered from a website outage.
Pro-Russian hacker group Anonymous Russia attacked the website in a DDoS attack causing server errors. The hacker group claimed responsibility for the attack via an encrypted messaging app known as Telegram.
During the outage, the website displayed a banner saying, “website under maintenance”. The website outage only lasted an hour and was back to normal thereafter.
A source stated, “It had absolutely no impact on the organisation’s work,” they added. “It was only the public facing website. There was no threat to security, no secure information was accessed.”
To read more about this story, click here.
Lloyd’s of London affected by potential cyber attack
Lloyd’s of London, an insurance market, speculates they suffered from a potential attack on their network following unusual third-party activity on their systems.
Once they became aware of the suspicious activity, they reset their internal systems and cut off external connectivity until an investigation had been concluded.
A spokesperson for Lloyd’s of London confirmed, “Lloyd’s has detected unusual activity on its network and we are investigating the issue. As a precautionary measure, we are resetting the Lloyd’s network and systems. All external connectivity has been turned off, including Lloyd’s delegated authority platforms.”
To read more about this story, click here.
Cyber Criminal steals 2 million binance coins
Binance Bridge, a crypto platform which handles Binance coins, suffered a cyber attack where it is thought that two million Binance coins worth $566 million were stolen.
Once Binance became aware of the cyber security incident, they paused the BNB Smart Chain to investigate the matter further.
Binance CEO Changpeng Zhao tweeted, "We have asked all validators to temporarily suspend BSC. The issue is contained now. Your funds are safe. We apologize for the inconvenience and will provide further updates accordingly."
To read more about this story, click here.
The latest data breach news and announcements
The UK Information Commissioner blames complacency as main cause of cyber risk
After a Berkshire-based construction company, Interserve Group LTD was fined £4.4 million for failing to protect its staff’s personal data, which led to cyber hackers accessing up to 113,000 employees’ sensitive information, the UK Information Commissioner, John Edwards, made it clear that preventing cyber attacks is down to companies putting proper precautions in place and following data protection law.
Mr Edwards expressed, “The biggest cyber risk businesses face is not from hackers outside of their company, but from complacency within their company. If your business doesn't regularly monitor for suspicious activity in its systems and fails to act on warnings, or doesn't update software and fails to provide training to staff, you can expect a similar fine from my office.
“Leaving the door open to cyber attackers is never acceptable, especially when dealing with people’s most sensitive information. This data breach had the potential to cause real harm to Interserve’s staff, as it left them vulnerable to the possibility of identity theft and financial fraud.
“Cyber attacks are a global concern, and businesses around the world need to take steps to guard against complacency. The ICO and NCSC already work together to offer advice and support to businesses, and this week I will be meeting with regulators from around the world, to work towards consistent international cyber guidance so that people’s data is protected wherever a company is based.”
Speak to our legal experts about a data breach
Being involved with a cybersecurity incident can be seriously detrimental, particularly where sensitive information such as financial details has been compromised and lands in unauthorised third-party hands. Such incidents can impact all areas of your life, from mental wellbeing to financial difficulty.
Should you allow a business to record and store your sensitive information, you are entrusting them to protect and ensure your details do not end up in the hands of cyber criminals, along with the duty the GDPR law requires from them. Where an organisation fails to keep your personal data secure, you could be eligible to make a data breach compensation claim.
At Hayes Connor, the team of specialist data breach experts have decades of collective expertise, skill and knowledge assisting clients in all types of claims. With the assistance of our specialist team, you can be confident in receiving clear, pragmatic advice and guidance personalised to your personal situation and needs.
The Hayes Connor team are friendly and approachable and always handle matters with the utmost sensitivity. We will take the time to carefully understand your case, the impact it has caused, and the appropriate options should a claim be likely of success, as well as the value of compensation you could be entitled to receive.
For further information on our data breach expertise and how we handle such claims, see here.
To start a data breach claim, you can use our online claim form.