Home / News & Resources / News & Updates / January 2022 Data Breach Roundup

January 2022 Data Breach Roundup

Posted onFebruary 25, 2022

A new year means new data breaches to report. The educational sector was hit the hardest in January, with three school data breaches being reported.

Here we report a brief roundup of some of the most significant data breaches to hit the news in January, including the data of more than half a million vulnerable people stolen from the International Red Cross. We also include some important updates in concern to the wider data breach industry.

Are you a victim of a data breach and had your personal data exposed? Are you looking for expert legal advice and support? Please get in touch with our data breach solicitors today.

The biggest data breaches uncovered in January 2022

Russian hackers linked to cyber attack on Gloucester Council

On December 20, 2021, Gloucester Council were subject to a cyber attack, which is still currently causing disruption to their website over a month later.

Since the attack occurred, the local council has been working alongside the National Crime Agency and the National Cyber Security Centre to learn more about how it happened. It has been found that the malware responsible for the disruption was embedded into an email one of the council officers received.

The council have been contacted by sources alleging Russian hackers were responsible for the breach.

Read more about this story here.

Parents of students at Liverpool school targeted by scam email

Many students and parents of current and past students at The Whitby High School in Liverpool received an email claiming to be from school officials.

The email in question deafferented depending on the receiver, with one receiver saying, "I got one that related to an email conversation in 2020!!"

Parents went to Facebook to make other individuals associated with the school aware of the scam and to ensure they did not open the link.

The school is aware of the data breach and are currently taking measures to investigate the breach and who is responsible. One mother of a child at the school discovered that the sender responsible is located in the USA.

Read more about this story here.

Human error led to Worcestershire school COVID-19 test mix up

Students at The De Montford School were involved in a data breach incident ascribed as a “human error”. Following the Christmas break, students underwent COVID-19 tests, but unfortunately, in a mix up, a small number of students’ results were sent to the wrong parents.

One of the students affected by the data breach was Amelia Felton, whose mother, Becky, was only made aware of the breach by another child’s parent who had received Felton’s test result. Becky said, “It was another parent that told me she had received my daughter’s result. This is a serious breach of personal data.”

The breach has since been investigated, following the school’s data protection policy, and confirmed to be caused by human error. The school have reported the data breach to the Information Commissioner’s Office.

Read more about this story here.

Year 11 students’ private data released

A document concerning the needs of children at Greensward Academy was accidentally released onto Google Classroom visible to other parties’ part of the school.

The breach was a human error made by a teacher who was unaware that the document contained personal information, including free school meal statuses, addresses, deprivation statuses, exam dispensation and special educational needs.

The document on Google Classroom was available to view by parents of students and the year 11 students themselves.

An anonymous parent expressed, “Some kids might not want other kids to know these things about them, as sadly, when it comes to stuff like free school meals, they might be mocked or looked down upon.”

Read more about this story here.

International Red Cross have half a million vulnerable peoples data stolen

Personal details of 515,000 people’s data were stolen from the International Red Cross. The humanitarian organisation helps people who are victims of conflict and armed violence, meaning many of those affected were highly vulnerable victims of war.

The ICRC Director-General pleads with those who are responsible to "do the right thing - do not share, sell, leak or otherwise use this data". It puts those vulnerable people at an even greater risk than they already are.

It is not yet known who carried out the cyber attack on the organisation, but it is known that the external company that were used to store the data were targeted.

Read more about this story here.

The latest data breach news and announcements

The ICO appoints a new UK Information Commissioner

The new year at the ICO started with a new UK Information Commissioner. John Edwards joined the ICO on a five year term, replacing Elizabeth Denham CBE. Edwards spent the last eight years as New Zealand Privacy Commissioner.

Edwards expressed, “My role is to work with those to whom we entrust our data so they are able to respect our privacy with ease whilst still reaping the benefits of data-driven innovation. I also want to empower people to understand and influence how they want their data to be used, and to make it easy for people to access remedies if things go wrong.”

The ICO expects a busy year with plans to propose reforms to the government in concern with the Data Protection Act and the introduction of the Online Safety Bill.

The ICO announce they’re conducting a listening exercise

The ICO want to understand more about individuals, businesses, and organisations experience of working with the ICO.

They plan to learn more about the experiences through the means of surveys and a series of events where the new UK Information Commissioner, John Edwards, will directly listen and discuss the experiences of individuals, businesses, and organisations.

Edwards explains, “I’m new here. I’ve worked in data protection and freedom of information for many years, and now my focus is on immersing myself in the UK system. I want to hear from businesses and organisations about their experiences. What’s working? What’s not? I want to know what would help you to achieve your objectives under our legislation.”

Speak to our legal experts about a data breach

Even where you have not suffered a loss due to a data breach, it is still possible for you to make a compensation claim. When you trust a business to handle your sensitive data, they have a legal responsibility under GDPR to keep it secure. Where this has not been done, and as a result, you become a victim of a data breach, you have the potential to suffer substantial damages.

Our team at Hayes Connor are data breach specialists, having one of the largest data breach teams nationally. We have decades of combined experience and will provide a bespoke service. No matter the type of data breach you have suffered, our team have the knowledge and expertise to assist.

We will take the time to understand your situation so we can establish whether you have a claim. We will clearly explain the claims process and the possible available compensation.

You can find out more about our expertise and how we handle data breach claims here.

To start a claim, you can use our online claim form.

Get in touch

Related posts

Great people!

Meet the team

Read more client stories

Handled my Data Breach Claim case very professionally, kept me informed throughout, would definitely use again if needed and would recommend to friends and family
Mick Stratton
Ben was helpful and informative making what was an unpleasant situation much more bearable. The whole process was dealt with professionally and in a supportive manner. I have recommended Hayes Connor to others and will continue to do so.
Hayes Connor dealt with my data breach claim in a professional manor, they kept me up to date with my claim and there representatives were always polite and clear in there instructions. Hayes Connor also exceeded my expectations with the amount of compensation I received. I would highly recommend this firm and would certainly use them again.
Paul Chesterfield
Great customer service from Hayes Connor, updated me from start to finish. Very easy to get in contact with the file handler and always responded promptly, very understanding and kind, couldn't fault them at all.
Han Maria
I instructed Hayes Connor to deal with a serious personal data breach.... I have dealt with many legal firms over the years and, without question and in every respect, Hayes Connor stands apart; head and shoulders above all others I have ever worked with and who, so often, have disappointed.

In the newsRead more news

Common Causes of Data Breaches

Common Causes of Data Breaches

PostedMarch 7, 2024

Data breaches are a common occurrence across a wide range of industries. Countless organisations have been caught out, particularly in recent years, leading to the exposure of highly sensitive personal...

What To Do If Your Bank Account Is Hacked?

What To Do If Your Bank Account Is Hacked?

PostedJanuary 30, 2024

Having your bank account hacked is one of the scariest and most devastating types of crime you can experience. It can cause immediate financial difficulties and long-term harm to your...

To speak to one of our experts please call 0330 041 5134 or fill out our form to make a claim.

Get in touch

Call us about your claim
- - - 0151 363 5895
Make a claim

Find out how our experts can help you with your claim
Make a claim