data breach
, ,

120k police officers in the UK have had their personal details exposed

What happened in this case?

The Police Federation of England and Wales (PFEW), has suffered a severe data breach across a number of its databases. As a result of a ransomware cyber-attack, the names, email addresses, National Insurance numbers, ranks and serving forces of around 120,000 police officers have been exposed. The breach affects officers at all levels up to the rank of chief inspector.

In addition, a second database has also been affected. This violation involves a booking system for the PFEW conference and hotel facilities in Leatherhead. The breach includes the names, addresses and email addresses of guests who visited for leisure purposes. Any guests who stayed at the facilities between 1 September 2018 and 9 March 2019 may also have had their financial details (credit card number and expiry date) put at risk. The breach does not affect officers who stayed as Federation representatives on courses.

A third database has also been breached. This involves the PFEW claims case management system. Any member who requested PFEW assistance for an investigation, inquiry or complaint during their service (if dealt with at HQ at Leatherhead) could have had their name, address, National Insurance number, and bank details accessed by cybercriminals.

The PFEW was alerted to the ransomware cyber-attack on March 9th. However, members were not informed about the breach until 21st, and a helpline for those affected was only made available from Friday 22 March.

Local Federation branches have not been affected.

How has the Police Federation responded?

In a letter to its members, the Federation said: “We are deeply sorry that this has happened and that data we hold about you has been affected and know that this will cause you some concern.

“We have instructed a leading forensics firm to help us investigate the matter. This is a complex process and will take some time. Indications are that it was not targeted specifically at PFEW and was likely part of a wider campaign. There is also no evidence at this stage that any data was extracted from PFEW’s systems, although this cannot be discounted at this stage. Whilst we consider at this stage the risk of your data being extracted or misused is low, we wanted to alert members as to the risk at the earliest opportunity.”

This response is not good enough

Commenting on the breach, Kingsley Hayes, managing director at Hayes Connor Solicitors said: “While the Federation claims that the risk to data is low, there is no way that they can know that. In many data breach cases it can take months for the full impact and losses to become apparent. We have seen instances where the financial losses only start to occur three to six months later. This is often because data stolen is used in batches over time.

“What’s more, simply knowing that your details could be in the hands of cybercriminals can lead to anxiety and distress. Experiencing a data breach can result in adverse life events such as having to move house or area, losing a job, relationship stress and separation, and dislocation from friends and family. All of which can lead to a diagnosable psychological injury.

“For police officers knowing that their personal information could be in the hands of criminals is bound to be even more distressing.”

What is happening now?

The PFEW has been working with the National Crime Agency who is dealing with this incident as a criminal offence. It has also put a number of measures in place to help stop the further spread of the malware. In addition, the Federation is liaising with the National Cyber Security Centre and the Information Commissioner’s Office as this matter is investigated.

Where to get help

The Federation has said that any officers concerned about fraud or lost data should contact Action Fraud. Advice can also be obtained from the National Cyber Security Centre.

The PFEW helpline is also available on 0800 358 0714. Opening hours are Monday to Friday 8am to 6pm, and Saturday and Sunday 9am to 3pm.

Furthermore, the PFEW website has the latest information and FAQs regarding this breach.

Claiming for compensation

At Hayes Connor, our expert solicitors deal with a significant number of data breach cases every day. During our work, we see many different types of claims and understand how data breaches can affect people in different ways.

If you have suffered damage or distress caused by an organisation breaching any part of the Data Protection Act, you have a right to claim compensation.

In most cases, data breaches happen because of a failure to implement reasonable and robust processes. So claiming compensation isn’t just in your best interests, it is often the only way organisations will be persuaded to take their responsibilities seriously and make the necessary improvements.

If you have been affected and want advice contact us today

DATA BREACH
, ,

Marriott facing GDPR fine and compensation payments

The Marriott data hack is one of the most serious data breaches of its kind. And, following the breach – which resulted in 500 million guests being compromised – the hotel group is facing a GDPR fine and compensation payments to customers.

Marriott data breach compensation

So far, two US-based law firms have already filed class action lawsuits against Marriott International. A class action (also called a group action), is where a group of people – sometimes even thousands of people – who have been affected by the same issue collectively bring their cases to court. These victims then fight together to achieve compensation. Where circumstances are very similar, group actions can be a powerful tool and can have a more significant impact than a single claim.

Find out more about group actions.

A US Senator has also called on Marriott to reimburse those affected to allow them to purchase new passports. However, to date, Marriott has offered no monetary reparation.

Committed to helping victims of data breaches and cybercrime to achieve the justice they deserve, at Hayes Connor Solicitors we are also considering launching a group action to compensate UK victims of the Marriott data breach.

Marriott data breach GDPR

Marriott is a US-based company. But, because many of its guests are EU citizens, the data breach falls under EU GDPR legislation. This means that the hotel group could face a fine of up to £17.8 million or 4% of its annual turnover. Marriott’s turnover in 2017 was £20.4 billion.

So, Marriott could be facing a regulatory fine and litigation. As such the financial implications could be huge. What’s more, if you are a Marriott International customer and you have suffered emotional distress because of the data breach you could be entitled to compensation – even if you haven’t lost out financially.

Many people suffer anguish, anxiety and stress after a data breach and this can have a significant impact on you mentally and physically. Effects can include a lack of sleep, feeling ill, unsettled or confused. Stress can also affect your friends, your family and your job.

So, if you have received an email from Marriott letting you know that your details have been put at risk, get in touch. We’ll let you know if and when you can claim. You can also read our step by step guide to making a data breach claim here. 

We can take on your claim on a no-win, no-fee basis. Our initial assessment is always free. We’ll ensure that you are fully informed on this matter and will notify you about the investigation and your legal rights when making a claim.

TAKE ACTION NOW!

data protection
, ,

Businesses must do more than pay lip-service to the idea of data protection

At the end of 2018, our managing director Kingsley Hayes revealed the key data privacy trends that our firm has seen since the General Data Protection Regulation (GDPR) came into force. You can read more about these trends here.

One of the most worrying things we are seeing is that the businesses entrusted to look after our personal information are doing little more than paying lip-service to the idea of data protection. Indeed we would argue that a lack of care is still rife, despite the tightening of our data protection laws.

What are we seeing?

At Hayes Connor Solicitors, we have received more than 2,500 enquiries from customers who have suffered as a direct result of a data breach. That’s in the last six months alone. Some of these cases saw breaches of personal, financial and sensitive data from big companies including the likes of Ticketmaster, British Airways, and Dixons Carphone.

Not just hackers

But, while these cases are important, every day smaller data breaches are causing misery and upset to people across the UK. And while these incidents don’t make the headlines, for those involved the experience can be just as devastating.

At Hayes Connor, our experts deal with a significant volume of data breach cases each day. During our work, we see many different types of claims and how data breaches can affect people in different ways. Crucially, in most cases, these data breaches aren’t caused by scammers trying to hack big businesses, but by simple human errors.

How are organisations responding to data breaches?

Disturbingly, regardless of the size of the organisation, or the type of the breach, many companies are falling short of what we would expect when a failure in data privacy occurs. In our experience, companies and their representatives (be they legal or insurance based) are still responding with a pre-packaged “we won’t do it again” approach. This fails to recognise the full impact of the breach, which can be significant and of a psychological nature.

In many instances, the accepted risk management plan seems to be:

  1. Say sorry
  2. Provide free security monitoring software
  3. Promise it won’t happen again
  4. Advise the customer that there is nothing that they can do to remedy any losses they might suffer.

Such absence of care over the very real impact of data breaches should not be tolerated or accepted. And, in 2019, we would challenge businesses to do more to meet their data privacy responsibilities and provide an adequate response where they fail to do so.  This is necessary to ensure that individuals can expect a standard of data protection we should all aspire too.

If this challenge is not accepted, more and more customers will look for help to protect their privacy, and claim back from organisations where they have suffered loss.

Leading by example

At Hayes Connor, we want to reduce the number of data violations taking place across the UK. To do this, we are helping to raise awareness of this issue and educating people and businesses to prevent similar mistakes from happening.

For more advice on how to keep your data safe, follow our #notjusthackers campaign on Twitter and Facebook.

Alternatively, if you have been the victim of a data breach or cyber fraud, find out how we can help you to recover any losses or give us a call on 0151 363 5895 to discuss your case in more depth.

 

cyberattack
, ,

Tesco fined over £16 million following cyberattack

Tesco Bank has been fined a whopping £16.4m fine following a cyber-attack. The incident, which took place in November 2016, resulted in cybercriminals stealing £2.26m from 9,000 people.

Following an investigation into the data breach, the Financial Conduct Authority (FCA) has now penalised Tesco for the ‘avoidable’ cyber-attack.

This is the first time that the FCA has issued a fine against a company for online fraud.

If you have suffered damage or distress caused by Tesco’s failings you might be able to claim compensation.

What happened in the Tesco data breach?

In 2016, Tesco suffered an “unprecedented” attack on its online accounts. During this attack cyber-criminals used an algorithm to generate authentic Tesco Bank debit card numbers and then, using those “virtual cards”, they carried out thousands of unauthorised debit card transactions.

Altogether, fraudsters stole a total of £2.26million.

What was the result of the Tesco data breach Investigation?

While Tesco was a victim of the cyber-attack, the FCA investigation has revealed that the attackers were able to exploit “deficiencies in Tesco Bank’s design of its debit card, its financial crime controls and in its Financial Crime Operations Team to carry out the attack”. As a result, these deficiencies left Tesco personal current account holders vulnerable.

The FCA also listed a catalogue of errors at the bank, including:

  • Not taking appropriate action to prevent the fraud from happening in the first place
  • Not responding to the attack with sufficient “rigour, skill and urgency”
  • Making a number of mistakes when dealing with the crisis
  • Ignoring warnings.

According to a spokesperson at the FCA, “The fine the FCA imposed on Tesco Bank today reflects the fact that the FCA has no tolerance for banks that fail to protect customers from foreseeable risks.

“In this case, the attack was the subject of a very specific warning that Tesco Bank did not properly address until after the attack started.

“This was too little, too late. Customers should not have been exposed to the risk at all.”

What should you do now?

While Tesco has refunded customers for any financial losses, if you have suffered damage or distress caused by its failings, you may be able to claim compensation.

Crucially, you can make a compensation claim if you have struggled emotionally following a data breach, even if you have not experienced any financial loss.

In this case, some victims were unable to access their funds when they needed them most, so were unable to pay for essentials such as food.

Being the victim of a crime can have a substantial impact on you mentally and physically. For some people, the effects can include a lack of sleep, feeling ill, unsettled or confused. So you should seek compensation for a failure to look after your information correctly.

At Hayes Connor Solicitors, we are considering launching a group action to help victims of the Tesco data breach to claim compensation. If we believe you have a substantial group action case we’ll go through your options with you and may be able to act for you on a NO WIN, NO FEE basis.

Where cases are very similar, group actions can be a powerful tool and can have a bigger impact than a single claim.

REGISTER NOW TO FIND OUT HOW WE CAN HELP YOU.

 

data breach compensation
, , ,

How has the British Airways data breach hurt passengers?

At Hayes Connor Solicitors, we’re helping victims of the British Airways data breach to claim compensation after their personal information was put at risk by the airline. An organisation they trusted to look after it.

But all too often, we hear accusations that the people trying to recover from the BA data breach are “trying to get something for nothing”.

However, data privacy breaches can have a severe and often lasting impact on those affected. As such, we believe it is vital that organisations like BA are held to account for their failure to protect our personal information.

Brand loyalty is all well and good, but it’s vital that we don’t put the needs of big companies above the rights of customers.

Here’s why we believe it’s essential that people are able to hold businesses like BA to account.

The financial impact of cybercrime can be very harmful

Cybercrime can result in financial fraud and identity theft. And the result of either of these can be devastating. With enough information, cybercriminals can apply for credit in your name, set up fraudulent bank accounts and access your existing accounts.

Despite claims from BA that it had not received reports of fraud resulting from the attack on its systems, in November last year it was reported that Russian hackers might have made millions selling credit card details stolen from BA customers.

And, even if nothing has been done with that information as yet, it doesn’t mean the stolen data is safe.

Working exclusively on data breach and cybercrime cases, it has become clear to our solicitors that the impact and losses people sustain following a data privacy violation are not always immediately apparent. Indeed, in the Ticketmaster data breach, we are starting to see cases where the impact only became clear months later. This is often because data stolen is used in batches over time.

To date, 63% of all the clients we took on in the Ticketmaster data breach case suffered multiple fraudulent transactions on their payment cards.

So, as yet it’s impossible to say how many people have been impacted by the BA data breach, and to what extent.

Certainly, according to an article in The Metro, at least one BA customer is reported to have suffered fraudulent activity on their credit card, which was used to book a BA flight during the time the data was at risk.

Your mental health matters

Even if you haven’t lost out financially after a data breach, this doesn’t mean that there is “no harm done.”

Being the victim of a crime can have a sizable and lasting impact on you mentally and physically. Everyone copes differently, but for some the effects can include a lack of sleep, feeling ill, unsettled or confused. Stress can also affect your friends, your family and your job. Some data breach victims become paranoid and oversensitive about their personal privacy and can go on to develop depression.

Thankfully, over the last few years, people are waking up to the reality of mental health, and there is a greater awareness about the lasting effects of physiological suffering and anguish.

For example, following last year’s Ticketmaster data breach, 31% of all our clients involved in this case suffered from distress and/or psychological trauma as a result of having their card details stolen. And, like the financial losses, often the full impact wasn’t felt until much later.

“The effects of crime can also last for a long time, and it doesn’t depend on how ‘serious’ the crime was. Some people cope really well with the most horrific crimes while others can be very distressed by a more minor incident”.

Victim Support

Despite this, the emotional impact of data breaches is still not being taken seriously by those organisations we trust to look after our sensitive information. And we believe this to be true in this case.

Following the BA data breach, the airline said that compensation claims would be discussed on an ‘individual basis’. However, it is not up to the airline to dictate the terms of any compensation payments. And it is certainly not clear how (or indeed if) BA intended to evaluate the emotional impact the data breach had on its customers.

“As a result of increased volumes of data breach incidents, lawyers and experts are using their respective skills to assess the psychological and social consequences, symptoms and ‘injuries’ in reliable and valid ways. Structured interviewing, psychometric assessment and perusal of medical and occupational records are all part of this process”.

Professor Hugh C. H. Koch visiting professor in law and psychology at Birmingham City University School of Law and clinical psychologist

Loyalty works both ways

Should a data breach happen, we would expect the organisation in question to do everything in its power to keep its customers safe and prevent further damage. But this doesn’t seem to be the case following the BA data breach.

Some customers have complained that they have not been contacted by British Airways about the data breach, despite having seen fraudulent activity on their payment cards. Others have complained about BA advising customers to go to their bank for advice, rather than issuing its own instructions to help travellers stay protected.

 Speaking to The Telegraph, one BA customer said: “I saw the tweet, that was the first I knew of it.” He added: “I’ve not heard anything from them on this and I’ve just had to cancel the card I used. They’re a shambles.”

Another customer said she had been left vulnerable after being forced to cancel her bank card while travelling alone in the middle of Vietnam. She tweeted that she was “furious” with the airline and that she only found out about the data breach from news; before BA had the decency to her that she was likely affected.

She went on to tweet: “All companies have problems, some of them will affect their customers. That is a simple fact of business. How the company reacts, communicates & cares, is everything.

“British Airways are failing badly on this. I can’t even get a team manager in their call centre to call me.”

 While another BA customer told the BBC: “I have six cards linked to my BA account. I have no idea how much of my data information has been stolen. I will have to go to each of my credit card providers, cancel the cards, and all the direct debits, etc., related to those cards. This will take a long time, something I have to do with no help from BA”.

 Make a British Airways compensation claim with Hayes Connor Solicitors

At Hayes Connor, we want to reduce the number of data violations taking place across the UK.

To do this, we are helping to raise awareness of data breaches and cybercrime, and educating people and businesses to prevent similar infringements from happening. For more advice on how to keep your data safe, follow us on Twitter and Facebook.

But, where a breach has already occurred, it’s vital that you can recover your losses. We could be talking about one of the most severe data breach cases to hit the UK, so it’s critical that people can get the help they need.

To join our British Airways data breach group action compensation claim, you will need to register with us. We’ll let you know what is happening in this case and if and when you can make a BA data breach compensation claim.

 REGISTER NOW

cyber hack
, ,

York council app hacked. What to do if you have been affected

According to reports, almost 6,000 people could have had their data breached after a City of York Council app was hacked.

In a letter sent to those potentially affected by the latest data breach, the council states that it has been contacted by a hacker who claims that they have found a way to access the personal data of residents using the One Planet York app. The app allows users to check their bin collection dates, and other information regarding recycling.

The compromised data includes phone numbers, encrypted passwords and addresses. It is not yet clear what the hackers have done with, or plan to do with the data. However, it has been suggested that the hackers could be someone who looks for data vulnerabilities in the public interest. This is because those responsible have not yet requested anything in return for the personal data.

The letter from the City of York Council says: “We value your privacy and deeply regret this incident occurred. We have conducted a thorough review of the One Planet York app, we have deleted all links with the app and as a result, will no longer support it going forward.

“We have deleted it from our website and asked for it to be removed from the app stores and ask that you now delete it from your device.

“We cannot say for certain what the third party responsible has done with the data.”

The incident has been reported to North Yorkshire Police.

App users have been advised to delete the app and change their passwords. However, at Hayes Connor Solicitors, we have considerable experience helping individuals whose data has been breached and would also recommend some additional steps to keep users safe.

This includes contacting your bank and credit card providers immediately if you suspect your financial data may be compromised and looking out for fraudsters who attempt to gather more personal information (phishing).

Furthermore, we would always recommend that you inform the Information Commissioner’s Office (ICO) about your concerns. The ICO is the body which undertakes investigations on behalf of individuals into suspected data breaches. You should also report any suspected phishing attempts to the police and relevant authorities. Also, if you need support following the data breach, Victim Support is on hand to help you.

Find out more about our partnership with Victim Support.

The public sector is privy to a wide range of our sensitive information and this data is regularly shared between organisations as part of modern governance and the delivery of public services. And, if you have suffered damage or distress caused by an organisation breaching any part of the Data Protection Act, you have a right to claim compensation.

But, at Hayes Connor, we don’t just focus on compensation. In today’s digital world, your personal data is a valuable commodity. So, we want to do all we can to keep you, and your sensitive information as safe as possible.

 

data breach
, , ,

Should you hold British Airways responsible for its data breach?

At Hayes Connor Solicitors, we’re helping victims of the British Airways data breach to claim compensation after their personal information was put at risk by the airline.

However, in our work we often hear people talking about how companies like British Airways (BA) should not have to pay for the acts of unscrupulous hackers. And it’s true that cybercriminals are becoming increasingly sophisticated. But this doesn’t let negligent organisations off the hook.

The truth is that in most cases, data breaches happen because of a failure to implement reasonable and robust processes. We believe that this was the case at BA.

As such, claiming compensation isn’t just in your best interests. The only way big organisations will be persuaded to take their data privacy responsibilities seriously and make improvements is by hurting their bottom line.

Brand loyalty is all well and good, but it’s vital that we don’t put the needs of big companies above the rights of their customers.

Crucially, if BA had done everything in its power to protect its customers’ data, and had robust security processes in place, it is unlikely that a claim for compensation would be successful. This is why we usually wait for the results of an investigation by the Information Commissioner’s Office (ICO) before starting a group action.

So, was BA responsible for the data breach? Let’s look at the facts.

  1. British Airways didn’t spot the data breach for two weeks

In September last year, it was revealed that almost 400,000 BA customers had their bank card details stolen in one of the most severe cyber-attacks in UK history.

Worryingly, the hack went undetected for two weeks before BA told its customers about the breach and reported the incident to the police. BA has admitted that the hackers spent more than a fortnight accessing data online and we believe that this is a significant failure by BA – one that increases the risk to passengers substantially.

With 12 days between the BA data breach occurring and the incident being detected, questions have been asked as to whether poor systems made this cyber-attack worse.

  1. British Airways uncovered a second data breach when investigating the first

To make matters worse, when investigating this case, a second data breach was also spotted at the airline.

In this instance, 77,000 people had their names, addresses, email addresses and detailed payment information taken. This included card numbers, expiry dates, and card verification value (CVV) numbers. And, a further 108,000 people had their personal details stolen. This hack could have left customers exposed for months.

  1. Hackers could already have made millions from the British Airways data hack

Russian hackers may have made millions selling credit card details stolen from BA customers. Research has found that stolen data was put up for sale on the dark web about a week after the BA breach. Hackers were charging between £7 and £40 (approximately) for each card’s worth of information.

BA says it has not received reports of fraud resulting from the attack on its own systems.

  1. The British Airways hack might have been caused by the same hackers as Ticketmaster

According to reports, a cyber-criminal operation known as Magecart is behind the recent BA data breach. The group has been very active over the past three years. It is also thought to be behind the Ticketmaster data hack.

A report by RiskIQ states that clues link the same operation to the BA breach. The company said the code found on the BA site was very similar. However, the code was modified to suit the way the airline’s website had been designed. Crucially, if RiskIQ, is right about how the attack worked, a cybersecurity researcher has told the BBC that “BA should have been able to see this”. So the hack could have been very easily prevented.

Worryingly, in the Ticketmaster data breach case:

  • 63% of all the clients we took on suffered multiple fraudulent transactions on their payment cards, and
  • 31% of all our clients involved in this case suffered from distress and/or psychological trauma as a result of having their card details stolen and used in fraudulent activity.

What’s more, it is becoming increasingly clear that the impact and losses people sustain following a data breach are not always immediately apparent. Indeed, in the Ticketmaster data breach, we are starting to see cases where the impact occurred months later. This is often because data stolen is used in batches over time.

So, as yet it’s impossible to say how many people have been impacted by the BA data breach, and to what extent.

  1. British Airways has been accused of not taking its responsibilities seriously following the data breach

Following the BA data breach, the airline said that compensation claims would be discussed on an ‘individual basis’. However, it is not up to the airline to dictate the terms of any compensation payments.

In response, customers took to the media to share their fury at the airline’s handling of the privacy violation.

According to an article in The Metro, one BA customer said “They talk about compensation to be discussed on a case-by-case basis. To me, this seems incredibly unprofessional.”

He added: “They are trying to not take full responsibility for it”.

The same customer is reported to have suffered fraudulent activity on his credit card, which he used to book a BA flight during the time the data was at risk.

Some customers have complained that they have not been contacted by BA about the data breach, despite having seen fraudulent activity on their payment cards. Others have complained about BA advising customers to go to their bank for advice, rather than issuing its own instructions to help travellers stay protected.

One BA customer told the BBC: “I have six cards linked to my BA account. I have no idea how much of my data information has been stolen. I will have to go to each of my credit card providers, cancel the cards, and all the direct debits, etc., related to those cards. This will take a long time, something I have to do with no help from BA”.

Make a British Airways compensation claim with Hayes Connor Solicitors

At Hayes Connor, we want to reduce the number of data violations taking place across the UK.

To do this, we are helping to raise awareness of data breaches and cybercrime, and educating people and businesses to prevent similar infringements from happening. For more advice on how to keep your data safe, follow us on Twitter and Facebook.

But, where a breach has already occurred, it’s vital that you can recover your losses. We could be talking about one of the most severe data breach cases to hit the UK, so it’s critical that people can get the help they need.

To join our British Airways data breach group action compensation claim, you will need to register with us. We’ll let you know what is happening in this case and if and when you can make a BA data breach compensation claim.

 REGISTER NOW

data breach
, , ,

Ticketmaster data breach: don’t leave it too late to claim compensation

Last year, Ticketmaster admitted that thousands of UK customers had their personal and financial details stolen as part of a huge data breach.

Over the last few months we’ve talked to hundreds of people who have been affected by this shocking privacy breach, and our compensation claim on behalf of 650 claimants is now ready to proceed.

If you want to be included in our NO WIN, NO FEE claim, it’s vital that you act now.

 The clock is ticking!

Last week we sent our claim to Ticketmaster’s solicitors and they have 28 days to respond. At the end of this period, depending on how many people have joined our action, we may not be able to take on any more claimants.

We believe that we are the only UK legal firm currently launching a multi-party action against Ticketmaster. So, if you want to secure compensation for the impact the data breach has had on you, don’t leave it too late.

GET IN TOUCH TODAY. 

 Why join our multi-party action?

 A data breach can result in both financial and/or identity theft. And the result of either of these can be devastating. With enough information, cybercriminals can apply for credit in your name, set up fraudulent bank accounts and access your existing accounts.

But it is becoming increasingly clear that the impact and costs people sustain following a data breach are not always immediately obvious.

We are seeing cases where the losses incurred as a direct result of the Ticketmaster data breach are only starting to become clear. This is because data stolen is often used in batches over time.

Nine months after the Ticketmaster data breach, we have discovered that:

  • 63% of all our clients have suffered multiple fraudulent transactions on their payment cards
  • 31% of all clients involved in this case suffered from distress and/or psychological trauma.

What is a multi-party action?

Multi party actions give our clients more power against big businesses. This is because a group of people who have suffered the same or similar injuries due to the negligence of the same defendant (in this case Ticketmaster) join together to claim for compensation. In short, it gives us strength in numbers.

 Don’t wait and don’t miss out

If you have been affected by the Ticketmaster data breach, either financially or emotionally, we can help!

Simply register with us and we’ll talk you through the next steps.

Making a claim is simple and doing so sends a message to organisations everywhere that they must do more to protect their customers from identity and financial theft, and emotional distress.

REGISTER NOW

 

notjusthackers
, , ,

Is someone applying for credit in your name?

Earlier this week, an interview on the BBC’s Money Box programme revealed that companies you have never heard of could be searching your details on credit rating sites without your knowledge. This could mean that your details have been hacked and that scammers are using your information to apply for loans and carry out identity theft.

You can listen to the interview here (go to 17:53).

In the programme, a Money Box listener explained how he had signed up for alerts on his account following the massive data breach at Equifax in 2017. He did this to keep on top of his credit score.

Credit search alerts

The alerts are available as part of a paid for subscription service and, in October last year, he was notified about two searches on his credit reference data by insurance companies. However, the man had not applied for insurance, either directly or through a comparison website.

He then queried the searches with Equifax, asking how they could help him, but was not given a satisfactory answer.

This is very worrying. If someone does manage to steal your identity they could open bank accounts, obtain credit cards, take out loans or mobile phone contracts, buy things and even apply for a passport in your name. Ultimately this could lead to your finances, credit rating and reputation being harmed.

What can Equifax do?

Very little it would seem. In fact, when asked by Money Box what could be done in such a situation, Head of Customer Experience at Equifax, Lisa Hardstaff, said that it was up to the customer to talk to the companies doing the searches themselves, rather than to Equifax to sort it out.

What can you do to protect yourself?

Worryingly, this is not the first time we have heard of this happening. It is not unusual for an individual who has had their data stolen to find that someone goes on to apply for various finance such as bank accounts, credit cards, mobile phones and online shopping accounts in their name.

Even worse, in some cases when an individual tries to check their credit record following suspected fraud they may find that they are unable to because the scammer has already opened an account in their name.

In response to this issue, we would strongly recommend that you check your credit record to see if there are any searches that you don’t recognise.

Other ways to check if someone has stolen your identity include:

  • Keeping an eye on your bank and credit card statements to see if there is anything you don’t recognise
  • Making sure you read your credit card statements and other letters that come from your bank.

If your identity has been stolen, you should:

  • Contact your bank/credit card provider immediately
  • Consider a credit freeze until the matter is resolved
  • Report the scam to the police and contact Action Fraud for advice on what to do next
  • Let the credit reference agencies know of any activity that was not down to you
  • Register with the Cifas protective registration service. This will slow down credit applications made in your name with additional verification checks made to ascertain that the applicant is actually you.

The impact of identity theft

The real-life impact of identity theft can be devastating. It can have a significant effect on you mentally and physically. For some people, the results can include a lack of sleep, feeling ill, unsettled or confused. Stress can also affect your friends, family and job. So it’s vital that you do everything you can to protect yourself.

At Hayes Connor, we are currently investigating a spike in identity theft following the Equifax data breach. If you have been affected by this breach and are worried that your data could be used against you, please let us know. We will thoroughly assess the impact the violation has had on you and help you to claim the compensation you deserve.

LET US KNOW HOW THE EQUIFAX DATA BREACH HAS AFFECTED YOU.

Alternatively, if you are worried that your data is being used to commit identity fraud following another data breach, you can let us know here.

breach compensation
, ,

Making a compensation claim helps to address the real-life impact of data breaches

At Hayes Connor Solicitors, we help our clients to make compensation claims after their data has been put at risk by the organisations they trust to look after it.

In some cases, these data breaches are massive news stories following hacks against the likes of Ticketmaster, Equifax and British Airways. But, every day, we also help people come to terms with smaller data breaches that have a severe and often lasting impact on them.

But, although we believe that these organisations must be held to account for their failure to protect our personal information, all too often people who make a data breach claim are accused of “trying to get something for nothing”. So let’s set the record straight.

The impact of cybercrime can be devastating

Cybercrime can result in both financial and/or identity theft. And the result of either of these can be devastating. With enough information, cybercriminals can apply for credit in your name, set up fraudulent bank accounts and access your existing accounts.

Following last year’s Ticketmaster data breach, 63% of all the clients we took on suffered multiple fraudulent transactions on their payment cards.

Worryingly, getting your money back following a scam is not always easy. For example, in a recent example of takeover fraud, a customer of the Royal Bank of Scotland (RBS) had more than £4,300 stolen from her account despite the fraudulent caller answering one of her security questions incorrectly. Despite the failure in their processes, the bank maintained that the customer was aware of the transaction and refused to refund her. Find out more about this case.

Claiming for distress isn’t an overreaction

Even if you haven’t lost out financially after a data breach, this doesn’t mean that there is “no harm done.”

A personal data breach is a 21st-century version of being burgled. If a criminal came into your home and stole your private information, you would be distressed. So why should you feel any less upset at having your online data taken?

Following last year’s Ticketmaster data breach, 31% of all our clients involved in this case suffered from distress and/or psychological trauma as a result of having their card details stolen and used in fraudulent activity.

Being the victim of a crime can have a significant impact on you mentally and physically. Of course, everyone reacts differently, but for some people, the effects can include a lack of sleep, feeling ill, unsettled or confused. Stress can also affect your friends, your family and your job. So being told to just “get over it” isn’t helpful.

According to Victim Support: “The effects of crime can also last for a long time, and it doesn’t depend on how ‘serious’ the crime was. Some people cope really well with the most horrific crimes while others can be very distressed by a more minor incident”.

Even smaller data breach cases can have a huge impact. For example, in a recent case, our solicitors saw the impact of what can happen when sensitive information was sent to the wrong address by mistake.

Thankfully, over the last few years, people are waking up to the reality of mental health and there is a greater awareness about the lasting effects of psychological suffering and anguish. Crucially, the law agrees and recognises the amount of damage that can be caused by having your information stolen.

Holding organisations to account could be the only way to ensure they take your security seriously

The sheer scale of the information we share with organisations is enough to leave us all open to the threat of fraud, anxiety and stress. So it’s no surprise that we are worried about what could happen if this data gets into the wrong hands. As such, something has to be done to make companies accountable for any harm done.

Cybercriminals are becoming more and more sophisticated. But this doesn’t let these organisations off the hook. If they have done everything in their power to protect your data and have robust security processes and procedures in place, it is unlikely that a claim would be successful. In fact, this is why we usually wait for the results of an investigation by the ICO before starting a claim.

But the reality is that in most cases, data breaches happen because of a failure to implement reasonable and robust processes. So claiming compensation isn’t just in your best interests, the only way these organisations will be persuaded to take their responsibilities seriously and make the necessary improvements is by hurting their bottom line.

The real-life impact of data breaches

At Hayes Connor, we want to reduce the number of data violations taking place across the UK. For more advice on how to keep your data safe, follow our #notjusthackers campaign on Twitter and Facebook.

Alternatively, if you have been the victim of a data breach or cyber fraud, find out how we can help you to recover any losses or give us a call on 0151 363 5895 to discuss your case in more depth.