October Data Breach Roundup
Data breaches were in the news once again in October, as several sectors were struck by various serious incidents.
Our data breach roundup for October covers some of the most notable cases to occur in October, in addition to any updates from the wider industry.
If your data has been exposed in a breach, our specialist solicitors will be able to advise you on the process for making a claim. Please get in touch with our team to discuss the details of your case today.
The biggest data breaches uncovered in October 2023
Southend-on-Sea City Council suffer major data breach
Southend-on-Sea City Council were guilty of a major data breach after it was revealed that details of over 2,000 staff and councillors were mistakenly made public.
The information exposed in the breach, which was made following a Freedom of Information request in May, included names, addresses and National Insurance numbers.
A spreadsheet was published following the request. It was initially believed that the spreadsheet only contained anonymised information for one department, but it was soon revealed that it also included all personal and special category data.
Tony Cox, the Conservative leader of the council, said: "We have immediately begun an investigation to understand how this happened and I sincerely apologise to those affected on behalf of the organisation.
"It is important to stress that this information did not contain bank details. However, it included details such as National Insurance numbers, pension scheme details, salary, names and addresses and equal opportunities data.”
To read more about this story, click here.
Dorset NHS Trust guilty of data breach involving victim of abuse
University Hospitals Dorset NHS Foundation Trust were reprimanded for exposing the details of a victim of abuse to his alleged abusive ex-partner.
The Dorset trust had a system where the same correspondence sent to multiple people would include all addresses. This system meant that a letter containing the new address of the abuse victim was revealed to their former partner.
A report from the Information Commissioner’s Office (ICO) noted that the victim has not made a complaint, though there is now a risk of unwanted contact which will remain.
University Hospitals Dorset said: "We apologise for this breach of data and accept the findings...
"We also extend a further apology to the individual concerned and recognise the distress the breach may have caused."
To read more about this story, click here.
Cumbria Police claim staff data breach was a “one-off” incident
Police and crime commissioner (PCC) for Cumbria Police Peter McCall has claimed that a data breach involving the force was a “one-off” incident that will not be repeated.
The names and salaries of every Cumbria Police officer and staff member were mistakenly published online.
It was noted that, at the time of the breach, the potential impact was low and that the ICO were satisfied with the response taken.
Mr McCall commented on the breach saying: "Assurance was given, and indeed accepted, that the breach was only a one-off incident and learning from it has been taken onboard and processes put in place to ensure it should not happen again," he said.
"I would reassure the panel that there was no risk to individual personnel as a result of that breach."
To read more about this story, click here.
The latest data breach news and announcements
ICO publishes guidance for workplace lawful monitoring
The ICO has called on organisations to consider their legal obligations before they implement any workplace monitoring on their employees.
This comes in response to the growing trend of remote working policies adopted by companies in the UK. Research from the ICO indicates that almost one in five (19%) people believe that they have been monitored by an employer, while over two thirds (70%) of people surveyed by the ICO said they would find monitoring in the workplace intrusive.
The ICO guidance the new guidance provides clarity on how monitoring by employers can conducting lawfully and fairly, as well as advice to help employers build trust with their workers and respect their rights to privacy.
Read more about this story here
ICO issue data protection guidance to retailers to tackle shoplifting
The ICO have issued direct guidance to retailers to demonstrate how data protection can have a direct impact on tackling a rise in shoplifting.
Current data protection laws enable retailers to shared criminal defence data such as images to prevent or detect certain crimes, so long as it would be necessary and proportionate to do so.
Read more about this story here
Speak to our legal experts about a data breach
Data breaches have the potential to be extremely disruptive, potentially resulting in financial losses and significant distress.
Organisations that hold your personal data have a range of legal obligations, the most important of which is to keep your data secure and out of the reach of any unauthorised third parties. Where data is exposed, any affected parties may be in a position to make a claim for compensation.
At Hayes Connor, out specialist data breach solicitors have a wealth of combined experience and expertise in handling data breach claims. This means that we are perfectly positioned to provide you with the support you need and help you understand how best to proceed.
In every case, we will take the time to establish the details of your case, the impact it has had on you and your family, and the level of compensation you may be able to receive.
For further information on our data breach expertise and how we handle claims, see here.
To start a data breach claim, you can use our online claim form.