staying safe online
,

An essential guide to staying safe online

Today, most of use the internet to help make our day-to-day lives better. But despite its benefits, the more information we put online, the more likely it is that something will go wrong. In response, TITAN, the North West Regional Organised Crime Unit has created a handy guide about staying safe online.

The guide has the support of www.getsafeonline.org, the UK’s leading source of unbiased, factual and easy-to-understand information on online safety. It contains lots of helpful guidance to protect you and your data from the threat of fraud, identity theft and abuse.

As well as encouraging you to share the booklet with your friends and family, TITAN also suggests that it can be used as a memory-jogger whenever you need a quick reminder.

What does the guide tell us about staying safe online?

Protecting your devices

To ensure you are safeguarded, the booklet suggests that you follow the following ‘golden rules’:

  • Choose, use and protect your passwords carefully
  • Use a different password for every account (if you are worried about remembering them all you could sign up to a password manager)
  • Never share your passwords with anyone
  • Make sure your devices are protected by internet security software
  • Keep internet security software up-to-date
  • Never give away too much personal or financial information
  • Don’t click on any links or attachments unless you are 100% sure you can trust the source
  • Take your time and think twice to keep yourself safe.

Online shopping

Online shopping can be risky business if you are not sure what to look out for. Follow these handy tips to keep your financial information safe:

  • Look for third-party reviews or get recommendations from people you trust to make sure an online retailer is reputable
  • Check that the payment page is secure (is there a padlock in the browser frame and does the page address start with https://)
  • Never pay by bank transfer into a seller’s bank account unless you know and trust them
  • Don’t buy anything online via an unsecured Wi-Fi connection such as a hotspot in a café. Instead, make sure you are connected via your secure Wi-Fi or a 3G/4G connection
  • Know that if you pay by credit card you are afforded greater protection
  • Choose, use and protect your passwords carefully and use a different password for every online shop in case your details get hacked
  • Logout after you’ve finished your shopping session
  • Keep an eye on your bank and credit card statements to see if there is anything you don’t recognise.

Banking

Banking fraud is in the rise, so it’s vital that you know how to protect yourself online. For example:

  • Never share any sensitive information about yourself or your accounts, like your PIN or full banking password. Your bank would never ask for this information
  • Never be talked into withdrawing or transferring money for safekeeping
  • Don’t use online banking via an unsecured Wi-Fi connection such as a hotspot in a café. Instead, make sure you are connected via your secure Wi-Fi or a 3G/4G connection
  • Don’t click any links that claim to be from your bank. Always go to your bank’s website by entering its proper address
  • Don’t let friends, family or anyone else borrow your payment cards
  • Keep an eye on your bank and credit card statements to see if there is anything you don’t recognise.

Social media

When it comes to social media, too many of us are still willing to hand over our information without thinking about the consequences. To protect yourself online:

  • Don’t accept friend requests from people you don’t know
  • Don’t be talked into any activity that makes you uncomfortable (e.g. sending images or extremist behaviour)
  • Being careful about what private information you share online – either about yourself or your friends/family
  • Don’t post anything that might offend or embarrass you or someone else. What goes online stays online, and this could cause you problems now and in the future
  • Review your privacy settings regularly
  • Review your contact list regularly
  • Use a different email account to register with the different social media platforms
  • Never post abusive comments that might offend individuals or groups of society. In some cases trolling is a criminal offence
  • Being aware of common phishing techniques and keeping an eye out for fraudsters who attempt to gather additional personal information.

Keeping children safe online

Today’s children are digital natives – and they use technology from a very early age. But we still need to keep them same online. To help do this:

  • Work with children, educating them as they grow about the benefits and risks of the internet
  • Be on hand to answer any questions they might have
  • Put safeguards in place such as parental controls and filters
  • Be digitally aware and informed about the latest apps, platforms etc.
  • Speak to other parents to share information.

Running a business

When you’re running a business, the last thing you want to think about is the possibility of things going wrong. But the right preparation won’t just reduce the likelihood of data breaches occurring; it will also limit the fallout should the worst happen. To help keep your business safe online:

  • Run regular online safety and data protection training for all employees
  • Encourage staff to question anything they are unsure about or which seems irregular
  • Make sure physical access to devices and servers is strictly controlled
  • Introduce an Acceptable Use Policy for mobile devices
  • Carry out regular backups
  • Enforce strict access to company, employee and customer data
  • Have a software policy in place that covers usage, updates, licences, etc.
  • Make sure you safely dispose of hardware and data.

You can find more helpful information about staying safe online at www.getsafeonline.org.

Reporting cybercrime

Action Fraud is the UK’s national reporting centre for fraud and cybercrime.

Victims of online offences such as scams and financial/identity fraud should contact Action Fraud to report their loss. You can do this online or via telephone.

For any other form of cybercrime such as online stalking, harassment, or fears about sexual grooming, you should contact the police directly.

Not just hackers

While the threat of cybercrime is something that everyone needs to take seriously, human error remains the leading cause of breaches. And, these errors (which are just as likely to happen offline) must also be addressed.

At Hayes Connor, our expert solicitors deal with a significant number of data breach cases every day. During our work, we see many different types of claims and understand how data breaches can affect people in different ways.

TAKE A LOOK AT OUR CASE STUDIES TO FIND OUT MORE ABOUT THE TYPES OF DATA BREACHES THAT ARE OCCURRING ACROSS THE UK.

For more advice on how to keep your data safe, follow us on Twitter and Facebook.

Alternatively, if you have been the victim of a data breach or cyber fraud, find out how we can help you recover any losses or give us a call on 0151 363 5895 to discuss your case in more depth.

Hayes Connor Solicitors
,

Hayes Connor Solicitors – why we do what we do

Here at Hayes Connor Solicitors, our core aim is to help our clients get the redress they deserve following data protection breaches, cybercrime, and other online offences. And we often talk about the types of data breach cases we are involved in and how we advise and support our clients.

If you want to see some examples of this, you can check out our case studies here.

But, as well as understanding the type of work we do, we also think it’s essential that you know a little bit more about us when choosing a solicitor. So with that in mind, what is it that we are passionate about, and what makes us tick?

Exceeding the expectations of basic client care and professionalism

Ask any solicitor and they will tell you that they act professionally and look after their clients. But, at Hayes Connor Solicitors, we want to do more than meet your basic expectations – we want to exceed them.

With this in mind, we are continually looking for ways to improve and enhance our service and have created a culture where promises are kept.

In 2019, we were delighted to be recognised for our efforts in this area when we were highly commended at the Eclipse Proclaim Modern Law Awards.

Keeping you informed. Every step of the way

A relatively new and evolving area of law, our specialist data breach and cybercrime solicitors lead our field when it comes to understanding the complexities involved. And we have invested heavily in client education to ensure you do too.

For example, we have created jargon-free content on subjects such as:

We do this because we want our clients to have as much information as possible before making a claim so that they feel fully informed at all times. Through this approach, the data breach claims process is easy to understand, straightforward and stress-free.

We hate spam and pushy lawyers!

At Hayes Connor Solicitors, we only ever deal with organic enquiries. We never buy data, cold call, or send spam texts or emails. Even our PPC campaigns are monitored to reduce the spam effect, and we never pressure anyone into making a claim. We feel this is essential when it comes to protecting our clients, and upholding the standards of the legal profession.

Protecting our clients from the impact of data breaches and cybercrime

To do this, we seek compensation to help them get their lives back on track as soon as possible. But we don’t believe that our obligation to our clients stops there. So, we also provide a wide range of information to help our clients protect themselves once a breach has occurred.

We also work with Victim Support to help those affected by cybercrime and data breaches. The partnership sees us provide the charity with regular expertise and advice on its legal content.

Stopping data breaches happening in the first place

At Hayes Connor, we create regular content to help raise awareness of the growing threat of cybercrime and data breaches. We do this because the more people are aware of the risk, the better protected everyone will be.

Removing the hassle from making a data breach claim

As consumers, we all want a fast, efficient, no-nonsense service – and that’s precisely how we deliver legal services to our clients. As such, we use the latest technology and a highly-trained team to provide excellence of service quickly.

The technology used at our firm has also helped us to understand what our customers need from us, and we use this insight to provide information across several platforms, including social media.

It’s this commitment to continued service improvement which means we are at the forefront of our industry when it comes to using ground-breaking technology to meet the needs of our customers. Enquiries are dealt with sooner, cases are more thoroughly reviewed, and customers are responded to much quicker.

Committed to data protection

We know that making a claim can be difficult. Particularly where your sensitive information has already been breached or another online offence made against you.

Once we have your details, we treat these with the utmost care, compassion, and privacy.  We never pass on these details to third parties for marketing purposes – or indeed for any other reason without express permission. This commitment to ensuring our customers’ peace of mind is absolute.

As well as making sure all personal details are protected/confidential, we also deal with all enquiries sensitively and professionally, and we never ask unnecessary or intrusive questions.

Hayes Connor Solicitors is a niche firm operating in the data breach and protection sector. We help our clients to claim the compensation they deserve following data protection breaches and other cyber offences such as computer fraud, identity theft, defamation, hacking, phishing scams, and more. Find out more about us and the work we do.

eu data breach
, ,

Home Office guiltily of EU Settled Status data breach

In a recent blog, we looked at how an administrative error by the Home Office exposed the email addresses of hundreds of Windrush migrants. And the department hasn’t learned from its mistakes. An EU Settled Status data breach has now endangered the details of hundreds of EU citizens in the UK.

EU Settled Status data breach

In the latest “administrative error”, the Home Office failed to conceal email addresses in a group communication. This email was sent to applicants of the EU Settled Status scheme. The controversial scheme allows EU nationals and their families to secure their rights in the UK after Brexit.

In total around 240 email addresses were revealed.

The breach happened on Sunday 7 April. It occurred because the department failed to use the ‘bcc’ function when sending a bulk email. The breach is likely to have made a stressful situation even worse. Particularly as these applicants had already faced technical difficulties while trying to keep their rights in the UK.

The Home Office has since apologised to those affected. The Information Commissioner’s Office (ICO) is aware of the breach. It will now decide whether or not to launch a full inquiry.

What have people said about the EU Settled Status data breach?

Nicolas Hatton, from the 3 Million campaign group said: “It feels like it adds insult to injury”. While one recipient of the email told the BBC that she was outraged and was considering returning to Germany.

Shadow Home Secretary Diane Abbott said: “Data breaches are now a matter of routine, while all those who are unfortunate enough to have to deal with the Home Office face a combination of indifference, incompetence and the hostile environment.”

Conservative MP Alberto Costa has called on the Government to scrap the “morally repugnant” system.

What can you do if you have suffered because of the EU Settled Status data breach?

Experiencing a data breach can result in significant stress and anxiety. And this can lead to a diagnosable psychological injury.

For people who are already worried about their rights being removed following Brexit, knowing that their personal information has been violated could be particularly distressing.

If you have suffered damage or distress caused by the EU Settled Status data protection breach you could have a right to claim compensation. To find out how we can help you recover any losses, contact us to discuss your case.

For more advice on how to keep your data safe, follow us on Twitter and Facebook.

Data breaches are a “time bomb”
, ,

Data breaches are a “time bomb”

Earlier this week, a leading security expert warned that data breaches are a now a “time bomb”. This is because too many companies are putting confidential customer information at risk.

The comments were made to the BBC by Bryan Sartin. Bryan is head of global security service at telecommunications company Verizon. They were made following the publication of a report which analysed thousands of successful cyber-attacks.

The annual Verizon Data Breach Investigations Report (DBIR) collated information from more than 41,686 security incidents, of which 2,013 were confirmed data breaches that hit large and small organisations all over the world.

Sartin, said he was “surprised” more breaches had not become public and suggested that there are “probably some big situations queuing up right now”.

Key findings

Significant findings of the 2019 report include:

  • 52% of breaches were caused by hacking
  • 33% of breaches were caused by social engineering attacks. This is where people are manipulated into breaking normal security procedures in order for criminals to gain access to systems
  • Cyber thieves are increasingly and proactively targeting C-level executives
  • 71% of breaches were financially motivated
  • 25% of all violations were associated with espionage
  • 29% of breaches involved stolen credentials.
  • 56% of breaches took months, or even longer to discover.

What can we learn from this report?

UK companies that lose data face fines of up to 4% of their global revenues under current data protection law. Organisations are at greater risk of penalties if they delay reporting data breaches. And/or if they are found to have failed to protect personal data or clean up after a breach. So, it’s important that they take the threat of cyber-attacks very seriously.

Speaking about the latest findings, Hayes Connor managing director and data protection heavyweight Kingsley Hayes added his insight on this matter.

He said:

“Unfortunately, reports of a data breach time bomb are not exaggerated. In fact, we’ve been warning organisations about the level of risk they are exposed to since before GDPR.

“Having received thousands of enquiries from customers who have suffered as a direct result of a data breach caused by a cyber attack in the last twelve months alone, it has become clear to us that this is just the tip of the iceberg. And, disturbingly, the response provided by many of these organisations falls short of what we would expect. Businesses must do more to meet their data privacy responsibilities and provide adequate redress where they fail to do so, or risk increased compensation claims.

“But it’s also vital to highlight, that the vast majority of data breaches are not caused by cybercriminals, but by simple human errors and a failure to ensure robust security processes. And every day, these smaller data breaches are causing misery and upset to people across the UK.

“So, when it comes to data breaches, it’s just as important that businesses look at the threat from within, as well as putting measures in place to protect themselves from the bad guys.”

SOLICITORS
,

British consumers likely to avoid organisations following a data breach

Customers in the UK are more likely to change their spending habits following a data breach than those in the US. That’s according to research into consumer trust and spending habits[1].

In fact, 41% of UK customers would stop spending money with a business forever following a data security breach compared to just 21% of US consumers.

The research also found that:

  •  26% of UK customers won’t spend money with brands they don’t trust to handle their data. That figure drops to just 18% for Americans
  • Americans are more likely to be a victim of a security breach than Brits (44% as opposed to 38%)
  • Retail and travel industries are among the least trusted industries on both sides of the Atlantic
  • 56% of UK respondents were uncomfortable about giving out their credit card details over the phone. However, this figure dropped to just 42% for their American counterparts.

For UK businesses, the findings issue a stark warning about the potential consequences of a data breach.

According to a spokesperson for the report:

“Awareness of data security is something that is on everyone’s radar, yet our UK and US surveys have highlighted some real differences of opinions and traits, when comparing attitudes to data and payment security between the two countries.

“UK consumers certainly seem more guarded with providing personal information, such as payment card details, over the phone, yet the US is catching up fast. Similarly, if a security breach has occurred at an organisation, Brits appear more likely to avoid that organisation in future, and instead go elsewhere. In my opinion, 2019 is the year that organisations need to take steps to provide far clearer assurances to consumers as to how their data is being captured, processed and stored otherwise customers are not going to wait, and they may find them going elsewhere for their purchase.”

Smaller doesn’t mean safer

British consumers shouldn’t be complacent as the report shows that there is still a lack of awareness about cybercrime and data breaches. According to the findings, over half of UK respondents (55%) felt they could trust a local store with their data more than a national company.

But, according to UK government statistics, smaller organisations are experiencing a significant number of cyber-attacks. In fact, with 42% of small and micro businesses identifying at least one breach or attack over a 12 month period[2].

So, more small and medium sizes businesses are being affected by data breaches than ever before. And, in many cases, cybercriminals are specifically targeting smaller companies. This is because they are less likely to invest in robust cybersecurity processes. So, when handing over your valuable data you need to be aware of the risk. Regardless of whether you are giving to a national bank or a local hairdresser.

Be aware. Be safe from a data breach

At Hayes Connor, we want to reduce the number of data violations taking place across the UK. To do this, we are helping to raise awareness of this issue. We are also educating people and businesses to prevent similar mistakes from happening.

For more advice on how to keep your data safe, follow us on Twitter and Facebook.

Alternatively, if you have been the victim of a data breach or cyber fraud, find out how we can help you to recover any losses. Or give us a call our helpline to discuss your case in more depth.


[1] PCI Pal

[2] https://www.gov.uk/government/news/new-figures-show-large-numbers-of-businesses-and-charities-suffer-at-least-one-cyber-attack-in-the-past-year

data breach
, ,

How to stop your phone from tracking your every move

Did you know that some companies are using your smartphone to track you throughout the day? And quite often you will have agreed to this personal surveillance simply by agreeing to the terms and conditions of using a service.

If you are worried about the likes of Facebook and Google using your phone to keep tabs on you, there are some steps you can take to take back ownership of your personal data and privacy.

How to protect your privacy

  • Turn off location history
  • Delete your location history
  • Delete apps that you no longer use from your device
  • Avoid apps that demand access to a huge amount of personal data (e.g. Facebook Mobile). Instead you can access these services via a browser with a private mode
  • Check the default settings of all the apps you use.

However, when you turn off location history, Google still tracks your location when you use key services including Maps, search and weather. To prevent Google from doing this:

Android

  • Go to Settings
  • Select Google
  • Select Google Account
  • Select the Data & Personalisation
  • Select Web & App Activity and toggle off

IPhone

If you really want to prevent your phone from tracking you, you should also turn off location services on your iPhone or Android device and only turn this back on when needed (e.g. when you want to use Google Maps). However in doing so your phone will feel a whole lot less useful.

Check out this page to see everywhere you have been with your phone.

If you are worried about how your data has been used and want to speak to one of our experts contact us today

Our website is changing

Our website is changing!

At Hayes Connor, we want to reduce the number of data breaches taking place across the UK. As such, we are raising awareness of data privacy and cybercrime, and educating people and businesses to prevent data privacy violations from happening.

To help us to do this, we have recently reviewed the look and flow of our website to make sure you can find everything you need as quickly as possible. And, following this review we are now making some small changes to our site.

While we make these changes you might find that our website isn’t working exactly how you would expect it to.

Thank you for sticking with us while we make things better.

data breach solicitors
, , ,

What can happen when medical information falls into the wrong hands?

The world is rapidly going digital. And, this online information revolution has seen most organisations move away from paper record keeping. However, over the last few years, such information has proved a lucrative target for hackers.

But, when it comes to information falling into the wrong hands, in most cases, it is human error rather than cybercrime that is the biggest cause of data breaches. And, these errors are just as likely to happen offline.

In a recent case, our solicitors saw the impact of what can happen when sensitive medical information was sent to the wrong address by mistake.

What happened in this case?

In this data breach, HM Courts & Tribunals Service (HMCTS) sent a copy of a confidential medical report to a person’s former partner by mistake. The report from a doctor said that the man (our client) was depressed and suicidal.

Once our client’s ex read the report – a document that she should never have had access to – she used its contents in an application to reduce his contact with his children. This application was successful (the court was not aware how this information was obtained).

As a direct response of the admin error, this data breach has had a devastating impact on our client. Having reduced contact with his children has caused him considerable distress and upset as well as aggravating his mental health problems.  So, in this case, the consequences have been particularly severe.

What can you do to stop this from happening to you?

When handing over your postal address to an organisation, it is vital that you check that these details have been taken down correctly.  You are completely within your rights to ask for a copy of the data an organisation holds about you. This is called making a subject access request (SAR). This won’t guarantee that an error doesn’t result in information going to the wrong address, but it is a good safety precaution to take. Find out more about making a SAR.

You should also ask any organisation that has access to your medical records about what type of information they share and with who.

You can also choose not to have your medical information shared or used for any purpose beyond providing your own treatment or care. This choice is known as a national data opt-out. Find out more about the national data opt-out.

Of course, there may be instances (as in this case) where you need or want to share this information. Likewise, your confidential patient information may still be used when there is a legal requirement to provide it.

Lessons learned

The duty of confidentiality goes beyond undertaking not to divulge confidential information; it includes a responsibility to make sure that written patient information is kept securely.

If you are an employee of a medical organisation or a government agency or department and you want to make sure that you don’t make a similar mistake, talk to your employer about any processes that can be put in place to make sure that the addresses of your customers are correct. This is especially important if you deal with sensitive information such as medical reports. Such steps could include things like additional data protection training, and checks and balances on systems generating correspondence.

For more advice on how to keep your data safe, follow Hayes Connor on Twitter or give us a like on Facebook. Alternatively, if you have been the victim of a data breach or cyber fraud, find out how we can help you to recover any losses or give us a call on 0151 363 5895 to discuss your case in more depth.

notjusthackers
, , ,

Woman threatened after her gym shared her home address with another customer

Data breaches are never out of the news. But while most of us worry about getting our identity or money stolen after a hack, we don’t tend to consider the possibility of physical threats. But, in a recent case, our solicitors saw the impact of what can happen when a woman’s address was handed to an angry customer by mistake.

What happened in this case?

In this data breach, a gym provided a woman’s personal details (our client) to another customer who shared her name.

This other person had received emails from the gym intended for our client. The emails were sent chasing missed payments. Confused as to why she was receiving the emails, the other woman became concerned that she had become the victim of identity theft. And, when she questioned the outstanding payments with the gym, a member of staff supplied her with our client’s home address.

Following this, the woman’s father went to our client’s home and banged on her door, accusing her of attempting to “clone” his daughter’s identity. Our client was at home with her two young children, one of who is disabled, and she found this experience both frightening and upsetting.  She then contacted the gym to find out what was going on and received an apology for the mix-up.

However, the other woman’s father still did not understand that our client was not at fault. And, when our client returned from holiday, she received three letters from him, all of which contained threats. As a result, she reported the incident to the Police and Action Fraud.

It seems despite becoming aware of the situation, the gym continued to send emails to the wrong woman demanding payment. These emails also disclosed some of our client’s bank card number.

As a direct response of poor systems, and a failure to cross-reference their systems to identify distinguishing features between both customers, this data breach has caused our client considerable distress, upset and even fear. As such the consequences of the error were particularly upsetting.

Have you been in a similar situation? Contact us today.

What can you do to stop this from happening to you?

There are a few lessons that can be learned from this case. For example, when handing over your email address to an organisation, it is vital that you check that these details have been taken down correctly.

You are completely within your rights to ask for a copy of the data a business (or any other organisation) holds about you. This is called making a subject access request (SAR). Find out more about making a SAR.

Of course, this won’t guarantee that an error doesn’t result in an email going to the wrong address, but it is still a good safety precaution to take.

What’s more, if you do find yourself in a similar situation to our client, like her you should report the incident to the Police and Action Fraud. Action Fraud is the UK’s national reporting centre for fraud and cybercrime in England, Wales and Northern Ireland.

Find out more about Action Fraud here.

Alternatively, if you are an employee of a gym or any other business and you want to make sure that you don’t make a similar mistake, talk to your employer about any processes that can be put in place to make sure that the information you hold on your customers is correct. Such steps could include things like additional data protection training, and checks and balances on systems generating correspondence.

For more advice on how to keep your data safe, follow Hayes Connor on Twitter or give us a like on Facebook. Alternatively, if you have been the victim of a data breach or cyber fraud, find out how we can help you recover any losses or give us a call on 0151 363 5895 to discuss your case in more depth.

boutique law firm

Hayes Connor highly commended as boutique law firm of the year

We are delighted to announce that Hayes Connor Solicitors was highly commended at the Eclipse Proclaim Modern Law Awards in the boutique law firm of the year category.

The prestigious awards, which are now in their sixth year, celebrate and identify sparkling talent and success in the modern legal services arena. They also showcase and set the benchmark for best practice in the ever diverse, challenging and exciting legal landscape.

The event organisers were overwhelmed with nominations this year, receiving more submissions than ever, so it is a significant achievement by our firm.

The boutique law firm of the year category honours firms that specialise in a niche area of law. In our case, data breach and cybercrime.

The judges made their award based on the following criteria:

  • A practice that has performed exceptionally in terms of establishing itself in its chosen market
  • A firm that has demonstrated extensive development and progress as a business, including, but not limited to; strategy, growth, financial performance, employee development, diversity and training
  • An innovative practice that has demonstrated its ability to creatively and effectively compete with multi-practice firms
  • A practice that exceeds the expectations of basic client care and professionalism.

The award ceremony took place on Thursday 31st January in Victoria Warehouse, Manchester.

Commenting on the accomplishment, Kingsley Hayes, managing director at Hayes Connor said: “Our core aim is to help our clients get the redress they deserve following data protection breaches, cybercrime, and other online offences. And, despite an almost entirely online approach, Hayes Connor Solicitors has fast become one of the most recognised names in the sector.

“Over the past 12 months, our firm has established itself as the only niche provider of legal services in the data protection, GDPR and cyber fraud area. This is all we do, and we have become a true specialist in this area of law. We are thrilled that we are being recognised for our achievements in his area.”

As well as the boutique law firm of the year commendation, Hayes Connor was also shortlisted in the Marketing and Communication Strategy of the Year category. This class looks at firms which have shown exceptional originality and innovative thinking in this area.

We were shortlisted based on the work we have done to establish our position as a thought-leader in data breach and cybercrime legal services; informing and educating consumers on their rights.

While we are disappointed to miss out on this award, we recognise the strength of this category and congratulate the winner.