Posts

equifax group action
,

Everything you need to know about making a Group Action Claim against Equifax

Why should you join a group action case against Equifax?

A group action allows people with the same type of claim to bring it together on a collective basis. Group action claims are becoming far more common in the UK. Here are just some of the reasons why:

  • Strength in numbers. Starting a claim can be frightening, and it’s not unusual for people who have perfectly valid complaints to be put off due to the risks of going up against a large and well-resourced Defendant. Where cases are very similar, group actions can be a powerful tool and can redress the balance
  • Save on legal costs. By joining together, individuals can share the risks and costs of claiming compensation. Legal advice is also shared, so not everyone in the action needs to pay for their own solicitor
  • Help victims with smaller claims. Group actions provide a way for people with more modest cases (that may not justify legal fees) to claim the compensation they deserve. Often, solicitors will agree to take such cases on a no-win no-fee basis
  • You might not have to go to court. Usually, a Test Case is started, and common issues are tried. The result of this case is then used as a precedent for other cases in the action; so every single claim doesn’t have to be taken to court.

However, just because a case is part of a group action, this doesn’t mean that everyone will get the same amount of compensation if successful. All claims within a group action are still settled based on their merits, and victims will receive what they are owed.

We believe that a group action is the best way to seek compensation from Equifax.

Find out more about group actions.

How much does it cost to join the Equifax group action?

At Hayes Connor Solicitors, we are dealing with all Equifax data breach claims on a no-win, no-fee basis. This means that, if your claim is not successful, you won’t have to pay a penny.

What’s more, if your claim is successful we expect to be paid by the offending party (Equifax). So, as well as providing no-win, no-fee funding arrangements, we won’t charge you a “success fee”. This means, if you are awarded £1,500, you’ll get all of the compensation. There are no solicitor’s fees win or lose.

There are also no hidden charges or other administration fees.

How much compensation can you expect following the Equifax data breach?

We cannot say that you will definitely get compensation, but a group action helps to strengthen your chances. We believe Equifax has breached people’s data and needs to be held responsible by compensating for any losses, distress and inconvenience caused.

While each case is different, it is expected that each person will be able to claim between £1,000 and £2,500 (possibly even more for people who have had their financial data stolen).

What should you do now?

To become part of the Equifax group action, you will need to register with Hayes Connor Solicitors. Doing this guarantees that you will form part of the compensation claims that will be lodged by the firm. We will keep your details (securely of course!) and help you get the compensation you deserve.

Once you have registered with us, it’s important to keep a ‘diary’ or note of events since the hack. This will help us with your case.

For example:

  • Has your card been used without permission?
  • Are there transactions that you bank has picked up that you haven’t made?
  • Are you getting more ‘spam’ or junk email with your name on it? If so, create a folder and keep it as this may be relevant
  • Are you anxious or worried by the thought of people being able to access your data? Has this caused you any distress?

We have already received an influx of queries from people whose data was put at risk by the credit reference agency. If you were affected, you could be entitled to up to several thousand pounds, so it’s important to act now.

Register your details here.

Data protection compensation
,

Facebook data breach investigation latest. What’s happening and how can you make a compensation claim?

The Information Commissioner’s Office (ICO) is set to fine Facebook £500,000 for data breaches. That is the maximum financial penalty possible and reflects the severity of the data protection scandal. The ICO also intends to bring criminal action against SCL Elections, the now-defunct parent company of Cambridge Analytica.

If you are a Facebook user and are concerned that your data has been accessed and exploited, get in touch. We’ll let you know if and when you can claim.

GET IN TOUCH

What happened in this case?

  • Social media giant Facebook and controversial data firm Cambridge Analytica are at the centre of a dispute over the harvesting and use of personal data
  • Questions were raised over whether this data was used to influence the outcome of the US 2016 presidential election and the Brexit referendum
  • In March 2017, the ICO began looking into whether personal data had been misused

What is happening now in the Facebook data breach investigation?

Yesterday, the Information Commissioner Elizabeth Denham, published a detailed update of her office’s investigation into the use of data analytics in political campaigns.

The report reveals that the ICO plans to fine Facebook £500,000 for breaches of the Data Protection Act.

The ICO has also said that it is taking steps to bring a criminal prosecution against SCL Elections Limited. While Cambridge Analytica has shut down, the ICO has already said that its directors can still be held liable and possibly criminally prosecuted.

Crucially, the ICO believes that in addition to breaching its own rules, Facebook also failed to ensure Cambridge Analytica had deleted its users’ personal data when requested. What’s more, while the ICO noted that Facebook had been the biggest recipient of digital advertising by political parties and campaigns to date, it said that the company had not done enough to explain to users they were being targeted as a consequence, or given people enough control over how their sensitive personal data was used. As a result, it seems that Facebook is guilty of two breaches of the Data Protection Act.

So, does this mean Facebook will be held to account?

No. The social media giant still has time to make any representations to the ICO before a final decision is made. However, by publishing a Notice of Intent, it is clear that the ICO is taking this matter very seriously. In fact, based on the evidence so far it looks likely that the ICO will issue Facebook with the maximum fine allowed under British law.

However, Facebook could still get away lightly, because if it had been fined under the new GDPR (General Data Protection Regulation), it could have been hit with a penalty of £479m. Indeed, the £500,000 fine is tiny when stacked up against the firm’s value of £445bn.

The impact on political parties

In its report, the ICO raised concerns about political parties buying personal information from data brokers.

Worryingly, Elizabeth Denham has said that: “We are at a crossroads. Trust and confidence in the integrity of our democratic processes risk being disrupted because the average voter has little idea of what is going on behind the scenes.

“New technologies that use data analytics to micro-target people give campaign groups the ability to connect with individual voters.

“But this cannot be at the expense of transparency, fairness and compliance with the law.”

She also said that the impact of behavioural advertising in elections, was significant and has called for a code of practice to fix the system.

The ICO has also written to all the main political parties in the UK pressing them to have their data protection practices audited.

Who else is involved?

 Aggregate IQ

The ICO has said that Aggregate IQ (AIQ), a Canadian company which worked with the Vote Leave campaign in the run-up to the EU Referendum must stop processing UK citizens’ data. AIQ had access to UK voters’ personal data provided by Vote Leave and this information may have been transferred and accessed outside the UK. If so, this would be a breach of the Data Protection Act.

Emma’s Diary

The ICO also named Emma’s Diary; a company that gives medical advice and free baby-themed goods to parents who download an app. It appears that the company may have handed over data which was then used by the Labour Party to campaign to people. As a result, the ICO is about to take regulatory action against Lifecycle Marketing, the owner of the service.

With potentially one million people affected, if you have downloaded and used Emma’s Diary and are concerned that you have been targeted in this way, contact us today to find out more about making a compensation claim.

CONTACT US NOW

Eldon Insurance Services

It has been alleged that the Leave campaign used the personal information of people on the Eldon Insurance and GoSkippy database on the run-up to the Brexit referendum. If true, this is a shocking misuse of private information and anybody affected is likely to have a claim for compensation.

Find out more here.

Vote Leave

The ICO is looking into to what extent Vote Leave transferred the personal data of citizens outside the UK. It is likely that this was in a breach of the Data Protection Act.

Remain campaign

The ICO is investigating the collection and sharing of personal data by the official Remain campaign (Britain Stronger in Europe) and a linked data broker. In particular, it is examining inadequate third party consents and the fair processing statements used to collect personal data.

The University of Cambridge

The Psychometrics Centre at the University of Cambridge carries out research into social media profiles. As part of its investigation, the ICO is considering whether Cambridge University has “sufficient systems and processes in place to ensure that data collected by academics for research is appropriately safeguarded in its use and not re-used for commercial work.”

The ICO said that it expects the next stage of its investigation to be complete by the end of October.

How to make a compensation claim

What’s emerged so far is looking increasingly like just the tip of the iceberg. We could be talking about one of the largest ever group actions of its kind in the UK courts. As such, Hayes Connor Solicitors has launched a group action against Facebook and has appointed Barrister Ian Whitehurst to help in this case.

Having developed a practice in the field of data breach claims for individuals and companies who have had their personal and sensitive data breached by third parties, we are confident that together our team will get the results our clients deserve.

We believe that a group action is the best way forward for data breach claims of this nature. It allows people with the same type of claim in principle to bring it together on a collective basis to strengthen their overall position and increase their chances of settlement or success in litigation.

Furthermore, with a group action claimants often share the legal fees. And, while the cost of pursuing small claims can be a barrier to justice, by grouping cases together, solicitors are often able to run group actions on a no win-no fee basis.

What should you do now?

Contact Hayes Connor Solicitors ASAP. We’ll ensure that you are fully informed on this matter and will notify you about the investigation and your legal rights when making a claim.

REGISTER NOW

Equifax data hack
,

How much compensation could you receive following the Equifax data hack?

The investigation by the Financial Conduct Authority (FCA) into Equifax data hack is now drawing to a close. And, our data breach compensation solicitors are predicting that the regulator may well impose a financial penalty of millions of pounds.

So, if you think your data was put at risk because of the Equifax data breach, now is the time to start preparing your claim for compensation. But how much could you receive?

Well, while each case is different, it is expected that each person will be able to claim between £500 and £3,000.

 

Data stolen Likely compensation pay-out
Financial data £3,000
Email addresses £1,500
Other personal data £500 – £1,000

 

With 14 million customers affected in the UK alone, in addition to any fines imposed by the regulator, Equifax could find itself facing a compensation bill of millions of pounds. And that’s just this side of the Atlantic. The figures in the US could be even more staggering.

If Equifax is already being fined by the FCA, why do you still need to claim compensation?

The Equifax data breach compromised the personal information of 14 million customers, with 30,000 people having their email addresses stolen and 15,000 having their credit card details put at risk. The potential consequences of the breach include financial fraud, identify fraud, cyber-extortion and online harassment.

However, any fine given by the FCA will not go towards victims of the data breach. So, anyone who has suffered following the Equifax cyber-attack should be looking to claim compensation.

At Hayes Connor Solicitors our data breach compensation solicitors are ready to help victims of the Equifax data hack to claim compensation and get the payment they deserve. You can claim if you have lost out financially because of the hack, or if the data breach has caused you stress or anxiety (in a way that could be diagnosed by a psychologist).

To help you get the justice you deserve, we are launching a group action against Equifax. This strengthens your overall position and increases your chances of settlement or success at Court. What’s more, we are also providing no-win, no-fee funding arrangements in this case, and, if successful, we won’t charge a “success fee”. This means, if you are awarded £1,500, you will get all of the compensation. There are no solicitor’s fees win or lose.

To become part of the Equifax group action, you will need to register with Hayes Connor Solicitors. Doing this guarantees that you will form part of the compensation claims that will be lodged by the firm.

If you have been affected and want to join the group action, you can register your details here.

 

data breach solicitors
,

How do you make a compensation claim against Equifax?

Industry experts are predicting that the Financial Conduct Authority’s (FCA) investigation into the Equifax data breach is now coming to an end. If the FCA finds Equifax guilty of not looking after consumer data with the necessary levels of care, this could open the floodgates to millions of compensation claims being made against Equifax.

So, what should you do if you think your data has been compromised because of the Equifax data hack? How do you make a claim against Equifax?

  1. If you are in any way concerned, contact the data breach compensation solicitors at Hayes Connor Solicitors and let us know. You can register your details here
  1. We will check if you have had your data breached (if the company has not written to you and admitted as much already)
  2. Once we have established that your data has been violated – and the extent of this failing – we can start the claims procedure on your behalf. Of course, we’ll only do this with your explicit agreement!
  3. Once you have registered with our data breach compensation solicitors, it’s important to keep a ‘diary’ or note of events since the hack. This will help us with your case. This includes things like whether your card been used without permission, if there are transactions that your bank has picked up that you haven’t made and if you are getting more ‘spam’ or junk email with your name on it
  4. You should also keep a note if you are anxious or worried by the thought of people being able to access your data
  5. When the results of the FCA investigation are revealed, we will make sure you are part of our group action against Equifax. With this group action claim, you and the other claimants collectively bring your cases to court against Equifax. Where circumstances are very similar, group actions can be a powerful tool and can have a bigger impact than a single claim.

 

Read our FAQ’s to find out more and to add your details to our secure database. Our expert, friendly data breach compensation solicitors will advise you when you have a valid claim and will be pleased to answer any questions you might have.

We have already received an influx of queries from people whose data was put at risk by the credit reference agency. If you were affected, you could be entitled to up to several thousand pounds, so it’s important to act now.

 

REGISTER NOW

equifax data hack compensation
,

Equifax data hack fine imminent

The Financial Conduct Authority’s (FCA) investigation into the Equifax data hack is expected to result in a financial penalty of millions of pounds. In response, our data breach solicitors are ready to launch a huge group action against Equifax.

The FCA investigation

The FCA revealed that it was investigating the Equifax data breach in October last year. While the FCA does not typically disclose whether it is looking into a company, it said it had chosen to confirm the existence of an investigation given the “public interest” in the case.

The Equifax data breach compromised the personal information of 14 million customers, with 30,000 people having their email addresses stolen and 15,000 having their credit card details put at risk. The potential consequences of the breach include financial fraud, identify fraud, cyber-extortion and online harassment.

While the Information Commissioner’s Office (ICO) is also investigating the breach, the news about the FCAs involvement was significant for consumers because the FCA has considerably more powers than the ICO. This means that the matter is being treated very seriously.

Given the significance of this case, and the number of people involved, our data breach solicitors predict that the regulator may well impose financial penalties running into the millions of pounds.

However, while a fine would be an essential step in ensuring big businesses like Equifax do more to uphold their obligations and keep people safe, it does very little to help those already affected by the breach. As such, anyone who has suffered following the Equifax cyber-attack should be looking to claim compensation.

In fact, if the FCA does rule against Equifax, this could help customers to get compensation through civil litigation.

At Hayes Connor Solicitors, our data breach solicitors are ready to help victims of the Equifax data hack to claim compensation and get the payment they deserve. In fact, over the last few months, our data breach and cybercrime experts have witnessed an influx of queries from people who are concerned that their data may be at risk.

Crucially, it doesn’t matter if you haven’t lost out financially as a result of the Equifax hack. Being the victim of a crime can have a significant impact on you mentally and physically. So, if the data breach has caused you stress or anxiety – in a way that could be diagnosed by a psychologist – then the law agrees that you are entitled to compensation.

To help our clients get the justice they deserve, we are launching a group action against Equifax. This allows people with the same type of claim to bring it together on a collective basis. Doing this strengthens their overall position and increases their chances of settlement or success at Court. What’s more, we are also providing no-win, no-fee funding arrangements in this case, and, if successful, we won’t charge a “success fee”. This means, if you are awarded £1,500, you will get all of the compensation. There are no solicitor’s fees win or lose.

Let our data breach solicitors help you

To become part of the Equifax group action, you will need to register with Hayes Connor Solicitors. Doing this guarantees that you will form part of the compensation claims that will be lodged by the firm. While each case is different, it is expected that each person will be able to claim between £500 and £3,000.

 

If you have been affected and want to join the group action, you can register your details here.

equifax data breach even worse
, , ,

Equifax data breach is even worse than first thought

In September last year, it was revealed that up to 400,000 people in the UK might have had their personal details stolen when Equifax was hacked by cybercriminals.

Equifax is the second largest credit reference agency in the UK and is used by a wide range of companies to decide whether to issue mortgages, loans, store cards, credit cards, etc. So, even if you are not an Equifax customer, it could still hold a wealth of information about you. That’s why, when it was revealed that hackers had gained access to the private details of Equifax customers (both here and in the US), it was big news.

At the time, it was reported that the stolen data included names, address, dates of birth, and credit card numbers. However, last month it became apparent that the sheer scale of the Equifax breach had gone from bad to worse, with more information stolen than initially reported. In fact, 3,200 passport images were also taken by cybercriminals, despite initial denials from the company.

How can cybercriminals use your private data?  

Along with the original info stolen, our images are considered to be personally identifiable information (PII). PII includes any data that can be used to identify a specific individual, and, if it gets into the wrong hands, it can be used to undertake identity fraud.  For example, with enough information, cybercriminals can apply for credit in your name, set up fraudulent bank accounts and access your existing accounts.

Signs that criminals have used your data following a data breach include:

  • Bills or emails showing goods or services you haven’t ordered
  • Unfamiliar transactions from your account
  • An unexpected dip in your credit score
  • Unsolicited communications that ask for your personal data or refer you to a web page asking for personal data.

Crucially, it doesn’t matter if you haven’t lost out financially as a result of the hack. A personal data breach is a 21st-century version of being burgled and being the victim of a crime can have a significant impact on you mentally and physically. So, if the data breach has caused you stress or anxiety (in a way that could be diagnosed by a psychologist), then the law agrees that you are entitled to compensation.

Holding Equifax to account

While Equifax was the victim of a cyber-attack, it was responsible for protecting your personal information. So, if you have suffered damage or distress caused by this hack, you have a right to claim compensation.

The stolen passport images relate to those individuals already impacted by the breach, so, if you have previously received a letter from Equifax informing you that your data was put at risk, it is vital that you now make a compensation claim and hold them to account.

To make matters worse, not only did Equifax fail to come clean straight away about the scale of the breach, but a former Equifax executive also sold his shares in the company before the news of the hack went public. Earning roughly $1 million in the process, the executive was set to profit at the expense of millions of customers. He has since been charged with insider trading, but his actions reflect a disdain for consumer data protection that is all too common.

With data breaches on the rise, something has to be done to make big companies accountable for these losses, so claiming compensation isn’t just in your best interests, it could be the only way to ensure that businesses everywhere implement more secure processes.

What should you do now?

In the UK, investigations into the Equifax data breach are still ongoing, and, we’ve been contacted by hundreds of people worried that their personal data was not looked after as carefully as it should have been.

In response, at Hayes Connor, we are preparing a group litigation action for everyone who has had their data accessed in the Equifax data breach. To become part of this group action, we need you to register with us. This guarantees that you will form part of the compensation claims that will be lodged by us.

While each case is different, we expect to claim £1,000 to £2,500 per person. And, as well as providing no-win, no-fee funding arrangements, we won’t charge you a “success fee”. This means, if you are awarded £1,500, you’ll get all of the compensation. So there are no solicitor’s fees whether you win or lose.

If you have been affected and want to join our group action, register your details here.

Data breach compensation claims
,

Can you still make a claim against Cambridge Analytica?

Cambridge Analytica – which is at the centre of the Facebook data breach scandal – has filed for bankruptcy and is to shut down. Accused of improperly using personal data harvested from millions of Facebook users, a statement on the firm’s website states that it is it “no longer viable to continue operating the business.” Cambridge Analytica’s parent company, SCL Group, is also closing, leading to allegations that the firms are attempting to use insolvency laws in the UK to evade scrutiny.

Will the investigations continue?

Commenting on the news, the chair of the UK parliamentary committee leading the investigation into the data breach scandal said that: “They [Cambridge Analytica’s and SCL Group] are party to very serious investigations and those investigations cannot be impeded by the closure of these companies.”

He added: We’ve got to make sure this isn’t an attempt to run and hide, that these companies are not closing down to try to avoid them being rigorously investigated over the allegations that are being made against them.”

There is also scepticism over the closures, with one ex-employee of Cambridge Analytica, stating that they were sure the company would emerge “in some other incarnation or guise”.

Can you still claim for compensation?

Absolutely. In fact, regardless of whether a company exists anymore, directors can still be held liable. The Information Commissioner’s Office (ICO) – which is conducting its own civil and criminal investigations – has said that it will pursue individuals and directors as appropriate and necessary should the companies no longer be operating.

The ICO has also said that it will continue with its inquiries and “monitor closely any successor companies using our powers to audit and inspect, to ensure the public is safeguarded.”

What now?

If you are concerned that your data has been exploited by Facebook and Cambridge Analytica contact us today. As specialists in data law, we are carefully observing this case and are pulling together a group action to seek compensation.

We believe that a group action offers the best chance of success for data breach claims of this nature as it allows people to work together on a collective basis and strengthen their overall position. With a group action, people share the legal fees, and, by grouping cases together, solicitors are often able to run group actions on a no win-no fee basis.

At Hayes Connor, we not only have the legal expertise needed to win these types of cases, but we have also appointed an expert barrister to help and we are confident that our team will get the results you deserve.

Register your interest in making a compensation claim.

data breach solicitors
, ,

Expedia data breach – have your bank details been exposed?

As news reports everywhere discussed the ins and outs of the Facebook/Cambridge Analytica scandal, another data breach was uncovered last month. But, because the details aren’t as juicy as those in the Facebook case, it didn’t quite get as much coverage. So you might not have heard about it.

But, for victims of the Expedia data hack – which may have revealed the information on thousands of payment cards – the consequences could be even worse. So, what exactly happened, and can you make a data protection act compensation claim if your details are at risk?

Expedia data breach – what happened?

In March, travel fare aggregator Orbitz revealed that between January 2016 and December 2017, hackers gained access to users’ personal information. This included names, phone numbers, emails and billing addresses. Orbitz, which is owned by Expedia, offers booking options and deals on flights, accommodation and holiday activities.

The hack, which is believed to have accessed 80,000 accounts wasn’t discovered until March 2018, which left plenty of time for cybercriminals to put this information to illegal use.

A statement by Orbitz said: “To date, we do not have direct evidence that this personal information was actually taken from the platform and there has been no evidence of access to other types of personal information, including passport and travel itinerary information.”

However, that data that has been accessed is extremely personal and could cause serious damage and distress for victims.

Should you be worried?

The information accessed in the Expedia data hack is enough to leave victims open to fraud. So, if you have been affected, you are right to worry about what could happen if this data gets into the wrong hands. For example, with enough information, cybercriminals can apply for credit in your name, set up fraudulent bank accounts and access your existing accounts.

Signs that your data has been used by criminals following a data breach include:

  • Bills or emails showing goods or services you haven’t ordered
  • Unfamiliar transactions from your account
  • An unexpected dip in your credit score
  • Unsolicited communications that ask for your personal data or refer you to a web page asking for personal data.

Don’t be fobbed off!

To help protect users, Orbitz has said those affected can access a year of free credit monitoring and identity protection services. But, given the amount of time that has lapsed between the breach and its discovery, this could be too little too late.

Also, while we do recommend using these types of services – particularly following a data breach – you should make sure that by agreeing to any free offers, you are not inadvertently signing away you rights to make a data protection act compensation claim.

Can you make a data protection act compensation claim?

If you have suffered damage or distress caused by an organisation breaching any part of the Data Protection Act, you have a right to claim compensation. You can claim against a wide range of private organisations and businesses already fined by the Information Commissioner’s Office (ICO).

As such, if you want to hold Expedia to account we recommend that you inform the ICO about your concerns ASAP.

You can do this here.


However, while the ICO has the power to impose hefty fines on organisations in breach of their duties, it does not award compensation, So, you should also contact us to claim data protection act compensation.

Start your data protection act compensation claim
At Hayes Connor Solicitors, we make sure you receive the maximum compensation possible in the shortest possible time for any financial, medical harm, anguish and anxiety caused by a data breach. We will also let you know when your claim for data protection act compensation can be made and advise you on what to do while waiting for the investigation’s findings.

With large-scale, high-profile hacks and breaches happening more and more often, something has to be done to make companies accountable for these losses. So, claiming compensation isn’t just in your best interests – it could be the only way to ensure that they implement more secure processes.

VISIT OUR SECURE DATA BREACH FORM

,

Facebook Data Scandal

Last week Mark Zuckerberg faced some hard questions about the Facebook data scandal – Here is a round up of what he said:

 

Hard Questions: Q&A With Mark Zuckerberg on Protecting People’s Information

Mark Zuckerberg

about 2 weeks ago

I want to share an update on the Cambridge Analytica situation — including the steps we’ve already taken and our next steps to address this important issue.

We have a responsibility to protect your data, and if we can’t then we don’t deserve to serve you. I’ve been working to understand exactly what happened and how to make sure this doesn’t happen again. The good news is that the most important actions to prevent this from happening again today we have already taken years ago. But we also made mistakes, there’s more to do, and we need to step up and do it.

Here’s a timeline of the events:

In 2007, we launched the Facebook Platform with the vision that more apps should be social. Your calendar should be able to show your friends’ birthdays, your maps should show where your friends live, and your address book should show their pictures. To do this, we enabled people to log into apps and share who their friends were and some information about them.

In 2013, a Cambridge University researcher named Aleksandr Kogan created a personality quiz app. It was installed by around 300,000 people who shared their data as well as some of their friends’ data. Given the way our platform worked at the time this meant Kogan was able to access tens of millions of their friends’ data.

In 2014, to prevent abusive apps, we announced that we were changing the entire platform to dramatically limit the data apps could access. Most importantly, apps like Kogan’s could no longer ask for data about a person’s friends unless their friends had also authorized the app. We also required developers to get approval from us before they could request any sensitive data from people. These actions would prevent any app like Kogan’s from being able to access so much data today.

In 2015, we learned from journalists at The Guardian that Kogan had shared data from his app with Cambridge Analytica. It is against our policies for developers to share data without people’s consent, so we immediately banned Kogan’s app from our platform, and demanded that Kogan and Cambridge Analytica formally certify that they had deleted all improperly acquired data. They provided these certifications.

Last week, we learned from The Guardian, The New York Times and Channel 4 that Cambridge Analytica may not have deleted the data as they had certified. We immediately banned them from using any of our services. Cambridge Analytica claims they have already deleted the data and has agreed to a forensic audit by a firm we hired to confirm this. We’re also working with regulators as they investigate what happened.

This was a breach of trust between Kogan, Cambridge Analytica and Facebook. But it was also a breach of trust between Facebook and the people who share their data with us and expect us to protect it. We need to fix that.

In this case, we already took the most important steps a few years ago in 2014 to prevent bad actors from accessing people’s information in this way. But there’s more we need to do and I’ll outline those steps here:

First, we will investigate all apps that had access to large amounts of information before we changed our platform to dramatically reduce data access in 2014, and we will conduct a full audit of any app with suspicious activity. We will ban any developer from our platform that does not agree to a thorough audit. And if we find developers that misused personally identifiable information, we will ban them and tell everyone affected by those apps. That includes people whose data Kogan misused here as well.

Second, we will restrict developers’ data access even further to prevent other kinds of abuse. For example, we will remove developers’ access to your data if you haven’t used their app in 3 months. We will reduce the data you give an app when you sign in — to only your name, profile photo, and email address. We’ll require developers to not only get approval but also sign a contract in order to ask anyone for access to their posts or other private data. And we’ll have more changes to share in the next few days.

Third, we want to make sure you understand which apps you’ve allowed to access your data. In the next month, we will show everyone a tool at the top of your News Feed with the apps you’ve used and an easy way to revoke those apps’ permissions to your data. We already have a tool to do this in your privacy settings, and now we will put this tool at the top of your News Feed to make sure everyone sees it.

Beyond the steps we had already taken in 2014, I believe these are the next steps we must take to continue to secure our platform.

I started Facebook, and at the end of the day I’m responsible for what happens on our platform. I’m serious about doing what it takes to protect our community. While this specific issue involving Cambridge Analytica should no longer happen with new apps today, that doesn’t change what happened in the past. We will learn from this experience to secure our platform further and make our community safer for everyone going forward.

I want to thank all of you who continue to believe in our mission and work to build this community together. I know it takes longer to fix all these issues than we’d like, but I promise you we’ll work through this and build a better service over the long term.

[source: Facebook Hard questions]

If you are worried that you have been affected then contact us today

,

MyFitnessPal data breach – know your rights Step-by-step guide to claiming data protection act compensation

Last week it was revealed that MyFitnessPal was breached. Affecting 150 million users, the scale of the breach makes it one of the largest data hacks in history.

What data has been stolen?

The data stolen includes usernames, email addresses and scrambled passwords for both the MyFitnessPal app and the website.

An email from MyFitnessPal to affected users said that on March 25, 2018, Under Armour – the maker of the app – became aware that during February of this year an unauthorised party acquired data associated with MyFitnessPal user accounts. Once informed, Under Armour said that it “quickly took steps to determine the nature and scope of the issue”. It also said that it is working with leading data security firms to assist in its investigation; and that it has notified and is coordinating with law enforcement authorities.

Users have also been given advice on how they can protect their data. However, this could be too little too late.

What can criminals do with this stolen data?

With enough information, cyber criminals can apply for credit in your name, set up fraudulent bank accounts and access your existing accounts. And, while in this case bank details and home addresses were not put at risk, there is a lot of information that can be collected from an email account.

Signs that your data has been stolen include:

  • Bills or emails showing goods or services you haven’t ordered
  • Unfamiliar transactions or suspicious activity on your account
  • An unexpected dip in your credit score
  • Unsolicited communications that ask for your personal data or refer you to a web page asking for personal data.

To protect yourself from cyber criminals, make sure you follow the advice provided by MyFitnessPal. In particular, change your password and avoiding clicking on links or downloading attachments from suspicious emails.  

Step-by-step guide to data protection act compensation

If you have had your data stolen, it is also essential that you know your rights.

  1. If you have suffered damage or distress caused by an organisation breaching any part of the Data Protection Act, you have a right to claim compensation
  2. You can make a claim against a wide range of private organisations and businesses already fined by the Information Commissioner’s Office (ICO)
  3. The Information Commissioner’s Office (ICO) is an independent authority, set up to uphold information rights in the public interest, and to promote openness by public bodies and data privacy for individuals. While the ICO does not award compensation, it does have the power to impose hefty fines on organisations in breach of their duties
  4. At Hayes Connor Solicitors, we can help you to claim data protection act compensation. We make sure you receive the maximum compensation possible in the shortest possible time
  5. To claim compensation, you must be able to prove that you suffered as a result of the breach. This includes financial and medical harm, as well as anguish and anxiety. In many cases, a violation will not cause damage but will cause distress. This could be especially true in this case should personal fitness and health data be exposed
  6. Until recently, a person who suffered damage might have had their compensation increased to take into account any associated distress, but in most cases compensation would not have been awarded for distress alone. However, a recent ruling has paved the way for those affected by data breaches to claim damages for distress, even if they have not suffered any financial loss.

It is vital to hold large companies to account to ensure better data protection processes are put in place. So, if you have been affected by the MyFitnessPal breach we recommend that you inform the Information Commissioner’s Office (ICO) about your concerns ASAP.

In addition, if you are a MyFitnessPal user and are worried that your data has been accessed and exploited, you should get in touch with Hayes Connor Solicitors. We will let you know when your claim for data protection act compensation can be made and help you get the redress you deserve. We will also be able to advise you on what to do while waiting for the investigation’s findings.

VISIT OUR SECURE DATA BREACH FORM