Home / News & Resources / News & Updates / April Data Breach Roundup

April Data Breach Roundup

  • Posted on

April has certainly been a busy month. With fewer April showers and more sunny days, you can almost taste the sweet smell of summer. But there doesn’t seem to be an end to data breaches. Instead, it’s been an eventful month with many data breach victims.

Here you can find our short roundup of the most significant data breaches exposed in April 2022, as well as our recent work in supporting victims of data breaches.

Are you a victim of a data breach looking to seek compensation for your suffering? Don’t hesitate to contact the specialist team of data breach experts at Hayes Connor today.

Our recent work supporting victims of data breaches

Employee details stolen in Graham & Brown cyberattack

Employees of decorating supplier company Graham & Brown had their sensitive information exposed following a cyber attack that took place earlier this year.

This was revealed in a letter to employees, confirming that the company has received direct communication from the cyber criminals responsible for the attack, who claim to hold several files containing UK personnel records.

It is believed the compromised records contained personal data and sensitive information such as:

  • Names
  • Addresses
  • Contact details
  • National Insurance numbers
  • Bank account details
  • Medical information
  • Passport numbers
  • Driving licence copies

The company has confirmed that it is reporting the breach to the Information Commissioner’s Office (ICO), which is a legal requirement under UK data protection law.

To read more about this story, click here.

Award winning mattress company, Emma Sleep, faces cyber attack

Emma Sleep mattress company was subject to a cyber attack that happened between January and March 2022. The attack on the company resulted in the potential theft of customer’s sensitive data across 12 countries.

The company have confirmed that the attack is a ‘Magecart attack’, where malicious code was embedded onto the companies Abode Magento ecommerce platform checkout page that scanned card data entered into the browser.

Dennis Schmoltzi, CEO of Emma Sleep made a statement expressing:  “Personal customer information, including credit card data, was stolen. While we never process or store credit card data ourselves, the type of attack was redirecting information as it was typed into form fields in the browser of the user.”

To read more about this story, click here.

Customers of Funky Pigeon were impacted by cyber attack on the brand

Online card and gifts retailer Funky Pigeon were a victim of recent cyber attack, potentially leaving customer’s personal details exposed, including full names, email addresses, telephone numbers and personalised card and gift designs, including personal messages and photographs.

A spokesperson for the brand confirmed: “We are also writing to all customers over the last 12 months to inform them of these issues. We take the security of customer data extremely seriously and we have temporarily suspended any new orders via the website.”

Once made aware of the attack, the retailer suspended all orders and launched an investigation into the matter with an external IT specialist.

To read more about this story, click here.

The biggest data breaches uncovered in April 2022

Popular retailer, The Works, suffers from cyber attack

The retailer The Works, which sells anything from books to arts and crafts, became victim of a cyber attack after hackers had access to its systems, meaning some of its stores were forced to close.

No payment details have been stolen in the cyber attack, but there is not yet confirmation as to what details have been compromised.

Since the attack, the company have appointed a forensic cybersecurity team to investigate the incident further. Both internal and external computer systems have been disabled as a precaution.

To read more about this story, click here.

British Army victim of data breach that impacted recruitment

120 British Army recruits’ personal data was found for sale on the dark web. This prompted the recruitment system to be turned offline for more than a month as a precaution.

It hasn’t yet been announced how the personal data was obtained or who by, but an investigation was launched into the matter to determine how it happened.

A spokesperson for the British Army stated, “Following the compromise of a small selection of recruit data, the army’s online recruitment services were temporarily suspended pending an investigation.

“This investigation has now concluded allowing some functionality to be restored and applications to be processed.”

The Information Commissioner’s Office (ICO) was notified and determined that no further action was necessary.

To read more about this story, click here.

Home Office Visa Services apologise after human error data breach

A human error led to the email addresses of more than 170 individuals being copied into an email that circulated in early April.

The email was regarding a change of location for visa appointments with the UK Visa and Citizenship Application Service (UKVCAS).

The Home Office sent a follow up email 24 hours later identifying the data breach and apologising for the matter.

The Information Commissioner’s Office (ICO) confirmed they hadn’t received a data breach report from the Home Office but stated not all breaches need to be reported.

To read more about this story, click here.

The latest data breach news and announcements

UK Information Commissioner meets in Washington DC to discuss children’s privacy

The UK Information Commissioner, John Edwards, flew to Washington DC to speak about protecting the privacy of individuals and children around the world.

Mr Edwards expressed to the Telegraph. And Wall Street Journal: “The digital world is borderless, and so many of the online services children access are based outside of the UK. That is one of the reasons why I’m heading to Washington this week for the biggest international gathering to help protect people’s personal information.

“The more other countries require companies to protect children’s data, the more children in the UK are protected. And the UK has an opportunity to influence real change based on the world-leading code that we have developed.”

Speak to our legal experts about a data breach

Having your personal information exposed in a data breach is an understandable concern to many, especially if it ends up in the hands of cyber criminals. Data breaches can have a considerable impact on the lives of those affected, including damaging mental wellbeing and incurring financial losses.

When you allow a business to record and store your personal information, they have strict guidelines to follow under the UK GDPR law to protect it. Where a business fails to protect your personal data, you could sustain damaging consequences.

Our team of data breach solicitors are specialists in the field and have considerable expertise in dealing with a range of data breach matters. We will provide clear, realistic advice you can trust about what can be achieved.

When you choose to meet with our team of experts, we will prudently listen and understand your situation and the disruption it has had on you and your loved ones’ lives. This allows us to determine the likelihood of success and the potential compensation you could be entitled to should you bring forward a compensation claim.

For further information on our data breach expertise and how we handle such claims, see here.

To start a data breach claim, you can use our online claim form.