Posts

equifax
,

Equifax staff treating customers with disdain following data breach

The Equifax UK breach case is drawing to a conclusion, and we are hopeful that we will soon be able to start a group action against the company. However, it seems that the more we find out about this case, the worse it gets.

Earlier this year, we described how the lack of care shown towards customers affected by the Equifax data breach was made even worse when it was revealed that a former Equifax executive sold his shares in the company before the news of the data breach went public.

Earning roughly $1 million in the process, the executive was set to profit at the expense of millions of customers (in the UK and US). Luckily he was later charged with insider trading, but his actions reflect a disdain for consumer data protection that is all too common.

Last week there were reports that yet another staffer at Equifax was slapped with an insider trading rap. This time the culprit was a software engineering manager who “traded on confidential information he received while creating a website for consumers impacted by a data breach.”

It’s becoming clear, therefore, that something has to be done to hold Equifax to account. Particularly as people at the company appear to be showing a complete disregard of the impact the data breach has had on customers.

What is happening in the Equifax UK breach case?

In the UK, investigations led by the Information Commissioner’s Office and Financial Conduct Authority (FCA) are ongoing. However, industry experts are predicting that the FCA investigation into the Equifax data breach is now coming to an end.

If the FCA finds Equifax guilty of not looking after consumer data with the necessary levels of care, this could open the floodgates to millions of compensation claims being made against Equifax.

How much compensation could you receive?

While each case is different, it is expected that each person will be able to claim between £500 and £3,000. With 14 million customers affected in the UK alone, in addition to any fines imposed by the regulator, Equifax could find itself facing a compensation bill of millions of pounds. And that’s just for the Equifax UK breach. The figures in the US could be even more staggering.

Find out more

A breach of trust

Your data is a valuable commodity. With enough information, cybercriminals can apply for credit in your name, set up fraudulent bank accounts and access your existing accounts. But all too often companies like Equifax do not protect it as well as they should do. As a result data breaches are on the rise.

To make matters worse, in most cases, data losses are entirely preventable; businesses just don’t like investing in cybersecurity, updating their systems, or training their staff.

With large-scale, high-profile hacks and breaches happening more and more often, something has to be done to make companies accountable for these losses. So, claiming compensation isn’t just in your best interests – it could be the only way to ensure that they implement more secure processes.

Don’t be bought off!

Those affected by the Equifax UK breach were offered some free services to reduce their risk following the hack. These included a credit-report monitoring service, a web monitoring service, the option to get a copy of your credit report by post, and registration to a fraud protection service.

However, it’s vital that you know your rights before you sign up. Make sure you are not inadvertently signing away your rights to pursue a compensation claim at a later date.

How to make a compensation claim against Equifax

If you are in any way concerned, contact Hayes Connor Solicitors and let us know. You can register your details here.

We will check if you have had your data breached (if the company has not written to you and admitted as much already). And, once we have established that your data has been violated, we will start the claims procedure on your behalf.

When the results of the FCA investigation are revealed, we will make sure you are part of our group action against Equifax. With this group action claim, you and the other claimants collectively bring your cases to court against Equifax. Where circumstances are very similar, group actions can be a powerful tool and can have a bigger impact than a single claim.

VISIT OUR SECURE DATA BREACH FORM

equifax group action
,

Everything you need to know about making a Group Action Claim against Equifax

Why should you join a group action case against Equifax?

A group action allows people with the same type of claim to bring it together on a collective basis. Group action claims are becoming far more common in the UK. Here are just some of the reasons why:

  • Strength in numbers. Starting a claim can be frightening, and it’s not unusual for people who have perfectly valid complaints to be put off due to the risks of going up against a large and well-resourced Defendant. Where cases are very similar, group actions can be a powerful tool and can redress the balance
  • Save on legal costs. By joining together, individuals can share the risks and costs of claiming compensation. Legal advice is also shared, so not everyone in the action needs to pay for their own solicitor
  • Help victims with smaller claims. Group actions provide a way for people with more modest cases (that may not justify legal fees) to claim the compensation they deserve. Often, solicitors will agree to take such cases on a no-win no-fee basis
  • You might not have to go to court. Usually, a Test Case is started, and common issues are tried. The result of this case is then used as a precedent for other cases in the action; so every single claim doesn’t have to be taken to court.

However, just because a case is part of a group action, this doesn’t mean that everyone will get the same amount of compensation if successful. All claims within a group action are still settled based on their merits, and victims will receive what they are owed.

We believe that a group action is the best way to seek compensation from Equifax.

Find out more about group actions.

How much does it cost to join the Equifax group action?

At Hayes Connor Solicitors, we are dealing with all Equifax data breach claims on a no-win, no-fee basis. This means that, if your claim is not successful, you won’t have to pay a penny.

What’s more, if your claim is successful we expect to be paid by the offending party (Equifax). So, as well as providing no-win, no-fee funding arrangements, we won’t charge you a “success fee”. This means, if you are awarded £1,500, you’ll get all of the compensation. There are no solicitor’s fees win or lose.

There are also no hidden charges or other administration fees.

How much compensation can you expect following the Equifax data breach?

We cannot say that you will definitely get compensation, but a group action helps to strengthen your chances. We believe Equifax has breached people’s data and needs to be held responsible by compensating for any losses, distress and inconvenience caused.

While each case is different, it is expected that each person will be able to claim between £1,000 and £2,500 (possibly even more for people who have had their financial data stolen).

What should you do now?

To become part of the Equifax group action, you will need to register with Hayes Connor Solicitors. Doing this guarantees that you will form part of the compensation claims that will be lodged by the firm. We will keep your details (securely of course!) and help you get the compensation you deserve.

Once you have registered with us, it’s important to keep a ‘diary’ or note of events since the hack. This will help us with your case.

For example:

  • Has your card been used without permission?
  • Are there transactions that you bank has picked up that you haven’t made?
  • Are you getting more ‘spam’ or junk email with your name on it? If so, create a folder and keep it as this may be relevant
  • Are you anxious or worried by the thought of people being able to access your data? Has this caused you any distress?

We have already received an influx of queries from people whose data was put at risk by the credit reference agency. If you were affected, you could be entitled to up to several thousand pounds, so it’s important to act now.

Register your details here.

data breach claims
,

23,000 Fortnum & Mason customers could be entitled to data breach compensation

High-end grocer Fortnum & Mason, has become the latest business to suffer a significant data breach due to hackers. This week, the store revealed that 23,000 customers have had their personal details stolen. The compromised information includes email addresses, home addresses, phone numbers and social media names.

Those affected should now consider claiming for data breach compensation.

People who may have had their details stolen include:

  • Those who voted for the TV personality of the year category at the store’s food and drink awards
  • People who entered a competition to win tickets for an exhibition of Charles I’s art collection
  • Customers who filled in a survey about the concierge service at Fortnum & Mason’s Piccadilly store.

The poll had been organised by Typeform, a company which specialises in creating surveys and forms. On 27 June Typeform discovered that an unknown third party had accessed its server and downloaded information. In response, it “immediately and fixed the source of the breach.”

Commenting on the latest data protection scandal, Fortnum & Mason chief executive Ewan Venters has said that the hack is mostly limited to email addresses and there is no evidence that highly sensitive information like bank details or credit cards have been accessed.

However, today’s cybercriminals don’t just care about our financial information. They can also cause chaos with personally identifiable information such as an email address. In fact, with enough data, cybercriminals can apply for credit in your name, set up fraudulent bank accounts and access your existing accounts.

The Fortnum & Mason data breach comes hot on the heels of a similar incident at Ticketmaster.

These types of incidents are becoming increasingly common and they often have severe consequences for those affected, so you could be entitled to thousands of pounds in data breach compensation. What’s more, it doesn’t matter if there is no evidence that the data has been used to carry out identity theft or fraud. If the data breach has caused you stress or anxiety then the law agrees that you are entitled to compensation.

All those affected have been contacted. So, if you have received confirmation that your details have been hacked, we would urge you to let us know and start a data breach compensation claim. If you took part in any of the surveys or polls listed above and you haven’t received an email, make sure that you check your junk mail folder.

Once registered with us, we’ll let you know what is happening in this case and if and when you can claim. You should also raise any concerns with the ICO.

 

REGISTER NOW

data breach compensation
,

Ticketmaster data hack: what are the different types of data breaches?

Earlier this year, Ticketmaster was affected by a significant data protection breach after cybercriminals hacked the company’s website. And the number of people impacted by the theft of their details could be significantly worse than first thought.

But not everyone who is a victim of the Ticketmaster data hack has had the same information stolen. So, what are the different types of data breaches in this case?

Financial information stolen and used

There are reports that customers of Ticketmaster have been the victims of theft, with their cards used on money transfer service Xendpay, Uber gift cards and Netflix (among others).

To make matters worse, according to digital bank Monzo, it warned Ticketmaster that something strange was going on two months before the business revealed its payment pages had been hacked. However, in responding to the bank’s concerns, Ticketmaster said that: “an internal investigation had found no evidence of a breach and that no other banks were reporting similar patterns.”

Anyone who has had their financial details stolen and used fraudulently could now be looking at compensation up to £5,000.

Financial information stolen

Many of those affected by the Ticketmaster data breach will have had their financial details stolen but not used (at least not yet). And these people are also entitled to make a data breach compensation claim.

Of course, there are those that will argue that, while it is acceptable to claim compensation for any financial losses, you should put up with any anxiety caused by having your information robbed. That claiming for distress is an overreaction and that your physiological suffering and anguish doesn’t matter. Luckily the law doesn’t look at things this way and recognises the amount of damage that can be caused by worry and upset.

Being the victim of a crime can have a significant impact on you mentally and physically, and the effects can include a lack of sleep, feeling ill, unsettled or confused. Stress can also affect your friends, your family and your job. So being told to “get over it” isn’t helpful.

Crucially, you can make a compensation claim if you have struggled emotionally following a data breach, even if you have not experienced any financial loss.

If you had your financial details stolen during the Ticketmaster data hack, you could be looking at compensation up to £3,000.

Email address stolen

If your email account has been hacked the consequences could be devastating. Not only does it give hackers access to lots of private data about you, but it also gives them a gateway into resetting passwords and accessing additional account information (such as your financial and social media accounts).

Sometimes hackers might even change your settings to forward a copy of every email you receive to themselves before you’ve had a chance to save your password. They might even start using your account as a gateway to your friends and contacts. Your email could also be passed on to third parties, so you become the target of sustained phishing attempts and spam.

So, if you have had your email address stolen it’s vital that you hold Ticketmaster to account.

Again, it doesn’t matter if there is no evidence of your data being used. If the distress of having your data in the hands of cybercriminals has caused you suffering, you can make a claim.

Anyone who has had their email address stolen could be looking at compensation up to £1,500.

Other personal information stolen

Along with the financial info and email addresses stolen, the Ticketmaster hackers also gained access to personally identifiable information (PII).

PII includes any data that can be used to identify a specific individual, and, if it gets into the wrong hands, it can be used to undertake identity fraud.

For example, with enough information, cybercriminals can apply for credit in your name, set up fraudulent bank accounts and access your existing accounts.

Anyone who has had their personal data stolen could be looking at compensation up to £500 – £1,000.

Claim Compensation Now

We have already been contacted by lots of Ticketmaster customers who are worried that their personal data was not looked after as carefully as it should have been.

In response, at Hayes Connor, we are supporting no-win, no-fee compensation claims for everyone who has had their data accessed in the Ticketmaster data breach.

Depending on the numbers involved we may even start a group action against Ticketmaster.

To start your compensation claim, you will need you to register with us. We’ll let you know what is happening in this case and if and when you can make a data breach compensation claim.

Crucially, it doesn’t matter if you haven’t lost out financially as a result of the hack. If the data breach has caused you stress or anxiety, then the law agrees that you are entitled to compensation.

REGISTER NOW

nhs digital data breach
,

Major NHS data breach revealed

It has been revealed that 150,000 patients have had their confidential data used without consent. The shocking breach comes just one month after the GDPR placed new data protection obligations on organisations operating in Europe.

If you are affected, you may be able to start a claim for compensation.

What happened?

In this case, confidential personal data –given on the basis that it was to be used to provide medical care – was exploited for clinical audit and research purposes by the NHS, without the consent of patients.

It is understood that the breach occurred due to a software error which failed to correctly record objections to patient data being used for research purposes. Software developer TPP has “apologised unreservedly” for the mistake and has said that it is working with NHS Digital to fix the error.

NHS Digital has informed the Information Commissioner’s Office (ICO) and the National Data Guardian for Health and Care, and investigations are now taking place.

Have you been affected by the NHS data breach?

All GP practices using the software have been contacted to make sure they are aware of the issue. Likewise, any patients affected will receive a letter from NHS Digital. However, while there is no risk to patient care, if the thought of your data being used in a way you did not agree to has caused you distress, you should start a claim for compensation.

Healthcare breaches are on the rise

Healthcare is rapidly going digital. And, this online information revolution has seen most organisations move away from paper record keeping. However, as our health and social care system becomes digital, it is vital that there are adequate and robust protections in place to secure the data and information held within it. And that healthcare staff have the knowledge and ability to handle such data securely.

In reality, over the last few years, healthcare has proved a lucrative target for hackers, leading to a rise in medical data breaches. In fact, one in 13 patients will have their records stolen after a healthcare provider data breach.

While in this case it was a software error that led to the data being misused, the distress felt by patients is just as concerning.

How can you start a claim for compensation?

If you have objected to your data being shared by NHS Digital for any purpose other than your individual care (type 2 objections), you may have a claim for compensation. The objections not upheld were made between March 2015 and June 26th 2018.

If you have suffered damage or distress caused by a medical or other healthcare organisation breaching any part of the Data Protection Act, you have a right to claim compensation.

At Hayes Connor Solicitors, we’ve been helping people to do just that for over 50 years, so we know what it takes to make a successful medical data breach compensation claim.

With strict-time limits in place for making most compensation claims, if you want to achieve maximum recompense in the minimum amount of time, it’s essential to act now.

Start a claim for compensation

ticketmaster data breach claim
,

Ticketmaster data breach could be tip of the iceberg

Ticketmaster was affected by a significant data protection breach after cybercriminals hacked the company’s website. However, it now looks like the number of people impacted by the theft is significantly worse than first thought.

What has happened so far?

A hacker group has accessed thousands of Ticketmaster customers’ payment details. Some customers of the ticket sales company have had their cards used fraudulently.

Investigating the Ticketmaster data breach, cybersecurity analysts RiskIQ have now identified the hacker group responsible for the malicious code placed on the Ticketmaster websites.

However, RiskIQ not only states that Magecart – a malicious hacking group – perpetrated the Ticketmaster attack, but that was also undertaking a massive credit card skimming operation that has affected over 800 e-commerce websites.

Worse, it appears that this hacking operation has been active since December 2016.

What is the extent of the problem?

It now looks likely that the Ticketmaster data theft was part of a larger credit card scheme. In fact, we could be looking at the biggest theft of credit card details to date.

According to RiskIQ, the hackers behind the attack “seem to have gotten smarter,”. And “rather than go after websites, they’ve figured out that it’s easier to compromise third-party suppliers of scripts and add their skimmer {code}. In some cases, compromising one of these suppliers gives them nearly 10,000 victims instantly.”

Put simply, Magecart could have stolen the credit card information of thousands of people across various websites, by merely targeting only a few companies. Some of the third-party companies allegedly compromised by Magecart include SocialPlus, PushAssist, Clarity Connect and Annex Cloud.

Ticketmaster uses SocialPlus. So, while Inbenta (a third-party software provider) has been established as the entry point for the malicious attack on its systems, at least one other source containing the skimmer had access to the Ticketmaster websites.

So, there could be a lot more to the recent Ticketmaster data breach than first thought.

What does this mean?

Because many shops use these third-parties, RiskIQ claims to have “identified nearly 100 top-tier victims, mainly online shops of some of the largest brands in the world.” It’s not yet clear which e-commerce sites have been affected.

Cyberthreat expert Ross Brewer has said that: “Third party data breaches are a growing problem for businesses. Hackers are persistent. They’re redirecting their attention to smaller, third-party suppliers that can act as a gateway to more lucrative targets. As the saying goes, you’re only as strong as your weakest link, which means if one of your third-party partners doesn’t have the same commitment to data protection, any tools you have in place are essentially rendered useless.”

What now?

There is more to this story than victims were initially told. And, while early estimates predict that 40,000 people in the UK have had their payment details swiped. It now looks likely that this number is much, much higher.

However, regardless of who was behind the attack, Ticketmaster was responsible for keeping your data safe, and this is something it has failed to do.

The Ticketmaster data protection breach has compromised customer names, addresses, email addresses, phone numbers, payment details and Ticketmaster login details. Data that can be used by cybercriminals to steal money from you, apply for credit in your name, set up fraudulent bank accounts and more.

So, if you have suffered damage or distress caused by this hack, you have a right to claim compensation. Ticketmaster has said that it has informed those involved, so if you have received this email let us know!

Data breaches often have severe consequences for those affected so you could be entitled to around £5,000 in compensation.

With data breaches on the rise, something has to be done to make big companies accountable for data losses, so claiming compensation isn’t just in your best interests, it could be the only way to ensure that businesses everywhere implement more secure processes.

REGISTER NOW

Data protection compensation
,

Facebook data breach investigation latest. What’s happening and how can you make a compensation claim?

The Information Commissioner’s Office (ICO) is set to fine Facebook £500,000 for data breaches. That is the maximum financial penalty possible and reflects the severity of the data protection scandal. The ICO also intends to bring criminal action against SCL Elections, the now-defunct parent company of Cambridge Analytica.

If you are a Facebook user and are concerned that your data has been accessed and exploited, get in touch. We’ll let you know if and when you can claim.

GET IN TOUCH

What happened in this case?

  • Social media giant Facebook and controversial data firm Cambridge Analytica are at the centre of a dispute over the harvesting and use of personal data
  • Questions were raised over whether this data was used to influence the outcome of the US 2016 presidential election and the Brexit referendum
  • In March 2017, the ICO began looking into whether personal data had been misused

What is happening now in the Facebook data breach investigation?

Yesterday, the Information Commissioner Elizabeth Denham, published a detailed update of her office’s investigation into the use of data analytics in political campaigns.

The report reveals that the ICO plans to fine Facebook £500,000 for breaches of the Data Protection Act.

The ICO has also said that it is taking steps to bring a criminal prosecution against SCL Elections Limited. While Cambridge Analytica has shut down, the ICO has already said that its directors can still be held liable and possibly criminally prosecuted.

Crucially, the ICO believes that in addition to breaching its own rules, Facebook also failed to ensure Cambridge Analytica had deleted its users’ personal data when requested. What’s more, while the ICO noted that Facebook had been the biggest recipient of digital advertising by political parties and campaigns to date, it said that the company had not done enough to explain to users they were being targeted as a consequence, or given people enough control over how their sensitive personal data was used. As a result, it seems that Facebook is guilty of two breaches of the Data Protection Act.

So, does this mean Facebook will be held to account?

No. The social media giant still has time to make any representations to the ICO before a final decision is made. However, by publishing a Notice of Intent, it is clear that the ICO is taking this matter very seriously. In fact, based on the evidence so far it looks likely that the ICO will issue Facebook with the maximum fine allowed under British law.

However, Facebook could still get away lightly, because if it had been fined under the new GDPR (General Data Protection Regulation), it could have been hit with a penalty of £479m. Indeed, the £500,000 fine is tiny when stacked up against the firm’s value of £445bn.

The impact on political parties

In its report, the ICO raised concerns about political parties buying personal information from data brokers.

Worryingly, Elizabeth Denham has said that: “We are at a crossroads. Trust and confidence in the integrity of our democratic processes risk being disrupted because the average voter has little idea of what is going on behind the scenes.

“New technologies that use data analytics to micro-target people give campaign groups the ability to connect with individual voters.

“But this cannot be at the expense of transparency, fairness and compliance with the law.”

She also said that the impact of behavioural advertising in elections, was significant and has called for a code of practice to fix the system.

The ICO has also written to all the main political parties in the UK pressing them to have their data protection practices audited.

Who else is involved?

 Aggregate IQ

The ICO has said that Aggregate IQ (AIQ), a Canadian company which worked with the Vote Leave campaign in the run-up to the EU Referendum must stop processing UK citizens’ data. AIQ had access to UK voters’ personal data provided by Vote Leave and this information may have been transferred and accessed outside the UK. If so, this would be a breach of the Data Protection Act.

Emma’s Diary

The ICO also named Emma’s Diary; a company that gives medical advice and free baby-themed goods to parents who download an app. It appears that the company may have handed over data which was then used by the Labour Party to campaign to people. As a result, the ICO is about to take regulatory action against Lifecycle Marketing, the owner of the service.

With potentially one million people affected, if you have downloaded and used Emma’s Diary and are concerned that you have been targeted in this way, contact us today to find out more about making a compensation claim.

CONTACT US NOW

Eldon Insurance Services

It has been alleged that the Leave campaign used the personal information of people on the Eldon Insurance and GoSkippy database on the run-up to the Brexit referendum. If true, this is a shocking misuse of private information and anybody affected is likely to have a claim for compensation.

Find out more here.

Vote Leave

The ICO is looking into to what extent Vote Leave transferred the personal data of citizens outside the UK. It is likely that this was in a breach of the Data Protection Act.

Remain campaign

The ICO is investigating the collection and sharing of personal data by the official Remain campaign (Britain Stronger in Europe) and a linked data broker. In particular, it is examining inadequate third party consents and the fair processing statements used to collect personal data.

The University of Cambridge

The Psychometrics Centre at the University of Cambridge carries out research into social media profiles. As part of its investigation, the ICO is considering whether Cambridge University has “sufficient systems and processes in place to ensure that data collected by academics for research is appropriately safeguarded in its use and not re-used for commercial work.”

The ICO said that it expects the next stage of its investigation to be complete by the end of October.

How to make a compensation claim

What’s emerged so far is looking increasingly like just the tip of the iceberg. We could be talking about one of the largest ever group actions of its kind in the UK courts. As such, Hayes Connor Solicitors has launched a group action against Facebook and has appointed Barrister Ian Whitehurst to help in this case.

Having developed a practice in the field of data breach claims for individuals and companies who have had their personal and sensitive data breached by third parties, we are confident that together our team will get the results our clients deserve.

We believe that a group action is the best way forward for data breach claims of this nature. It allows people with the same type of claim in principle to bring it together on a collective basis to strengthen their overall position and increase their chances of settlement or success in litigation.

Furthermore, with a group action claimants often share the legal fees. And, while the cost of pursuing small claims can be a barrier to justice, by grouping cases together, solicitors are often able to run group actions on a no win-no fee basis.

What should you do now?

Contact Hayes Connor Solicitors ASAP. We’ll ensure that you are fully informed on this matter and will notify you about the investigation and your legal rights when making a claim.

REGISTER NOW

ticketmaster claim
,

You can make a claim against Ticketmaster now

Last month, Ticketmaster became the latest company to be affected by a data hack. Estimates suggest that 40,000 people in the UK could be involved; although the final number could be much higher.

The Ticketmaster data hack compromised personal and financial information including customer names, addresses, email addresses, phone numbers, payment details and account login details. Worse, some customers have already had their cards used by cybercriminals.

Following the Ticketmaster data hack, an investigation is now underway by the Information Commissioner’s Office (ICO). If found responsible for this shocking data protection failure the ticket sales company will no doubt have to pay a hefty fine. However, this is little compensation for victims who have suffered financial loss and/or stress due to Ticketmaster’s possible negligence.

There is, however, some good news for Ticketmaster customers. Because even though the investigation is still ongoing, you can claim against Ticketmaster now.

Make a Ticketmaster compensation claim with Hayes Connor Solicitors

At Hayes Connor we are already representing people who have been put at risk due to the Ticketmaster data hack. And we are doing this in a no-win, no-fee basis. This means, if your claim is not successful, you won’t have to pay a penny.

Find out more about no-win, no-fee data breach claims here.

What’s more, to ensure you receive the maximum compensation possible, we will also keep our fee capped at 25% of any compensation you receive if you do win.

Of course, in an ideal world, you would receive all of your compensation. Unfortunately, however, we have to charge a “success fee” to cover our costs in smaller/individual cases.

However, if enough people come forward to make a claim against Ticketmaster, we might be able to waive this fee and get Ticketmaster to pay it instead of you. That would mean that there are no solicitor’s fees win or lose.

While each case is different, if successful, you could be entitled to around £5,000 in compensation, so it’s essential to act.

While in some data breach cases settlement can take over two years to achieve – particularly when waiting for the outcome of an ICO investigation – we have a process in place that means we will be looking to lodge claims in the next few weeks.

What should you do now?

 To start a compensation claim following the Ticketmaster data hack, register with Hayes Connor Solicitors. Doing this guarantees that you will form part of the compensation claims that will be lodged by the firm. Once you have registered with us, it’s important to keep a ‘diary’ or note of events since the hack. This should include things like:

  • Whether your card been used without permission
  • If there are any transactions that your bank has picked up that you haven’t made
  • If you are getting more spam or junk email with your name on it
  • If you are anxious or worried at the thought of people being able to access your data.

IF YOU WISH TO BE A PART OF THIS CLAIM THEN REGISTER YOUR DETAILS TODAY.

ticketmaster data breach
,

How much compensation could you receive following the Ticketmaster data hack?

Last month, Ticketmaster revealed that it was the target of a serious and severe data hack. Early estimates suggest that the attack compromised the personal and financial information of 40,000 people in the UK. However, the final number could be much higher.

Exploiting a weakness on the Ticketmaster payment site, hackers managed to access customer names, addresses, email addresses, phone numbers, payment details and Ticketmaster login details. And, it already looks like Ticketmaster customers have already had their cards fraudulently used on money transfer service Xendpay, Uber gift cards and Netflix (among other items).

Of course, today’s cybercriminals don’t just care about our bank details. They can also cause havoc with our name and other personally identifiable information. In fact, with enough data, cybercriminals can apply for credit in your name, set up fraudulent bank accounts and access your existing accounts.

An ICO investigation is now underway into the Ticketmaster data breach, and if found responsible for this appalling data protection failure the ticket sales company will no doubt have to pay a hefty fine.

However, this is little compensation for victims who have suffered financial loss and/or stress due to Ticketmaster’s possible negligence.

So, while the ICO does not award data breach compensation, our data breach solicitors can help you with that.

Ticketmaster Compensation

How much you might win if you had your financial details stolen and they were used fraudulently £5,000
How much you might win if you had your financial details stolen £3,000
How much you might win if you had your email address stolen £1,500
How much you might win if you had other personal information stolen £500-1,000

Claim Compensation Now

We have already been contacted by lots of Ticketmaster customers who are worried that their personal data was not looked after as carefully as it should have been.

In response, at Hayes Connor, we are preparing to launch compensation claims for everyone who has had their data accessed in the Ticketmaster data breach. Depending on the numbers involved we may even start a group action against Ticketmaster.

To start your compensation claim, you will need you to register with us. We’ll let you know what is happening in this case and if and when you can make a data breach compensation claim.

Crucially, it doesn’t matter if you haven’t lost out financially as a result of the hack. If the data breach has caused you stress or anxiety then the law agrees that you are entitled to compensation.

Data breaches often have severe consequences for those affected so you could be entitled to around £5,000.

REGISTER NOW

ticketmaster data breach claim
, ,

Ticketmaster Data Breach Worse Than Thought

Last week, Ticketmaster revealed a significant breach of user payment details after cybercriminals hacked the company’s website. The data breach affects Ticketmaster, TicketWeb and the resale website Get Me In!

Appallingly, it has since been reported that Ticketmaster knew about the data breach two months before it revealed its payment pages had been hacked, AND that some customers of the ticket sales company have had their cards used fraudulently.

To make matters worse, while Ticketmaster has declined to say how many of its customers have been affected – and is referring all press inquiries to its PR agency – early estimates predict that 40,000 people in the UK have had their payment details swiped. However, the number could be even higher.

HOW CAN CYBERCRIMINALS USE YOUR PRIVATE DATA? 

The Ticketmaster data protection breach has compromised customer names, addresses, email addresses, phone numbers, payment details and Ticketmaster login details. Digital bank Monzo believes that some Ticketmaster customers have had their cards used on money transfer service Xendpay, Uber gift cards and Netflix (among other items).

Along with the financial info stolen, the hackers also gained access to personally identifiable information (PII). PII includes any data that can be used to identify a specific individual, and, if it gets into the wrong hands, it can be used to undertake identity fraud.  For example, with enough information, cybercriminals can apply for credit in your name, set up fraudulent bank accounts and access your existing accounts.

Signs that criminals have used your data following the Ticketmaster data breach include:

  • Bills or emails showing goods or services you haven’t ordered
  • Unfamiliar transactions from your account
  • An unexpected dip in your credit score
  • Unsolicited communications that ask for your personal data or refer you to a web page asking for personal data.

Crucially, it doesn’t matter if you haven’t lost out financially as a result of the hack. A personal data breach is a 21st-century version of being burgled and being the victim of a crime can have a significant impact on you mentally and physically. So, if the data breach has caused you stress or anxiety, then the law agrees that you are entitled to compensation.

HOLDING TICKETMASTER TO ACCOUNT

While Ticketmaster was the victim of a cyber-attack, it was responsible for protecting your personal information. So, if you have suffered damage or distress caused by this hack, you have a right to claim compensation.

According to Monzo, it warned Ticketmaster that it might be at risk as early as April, but an internal investigation failed to reveal any security issues.

Commenting on this case, Natasha Vernier, Head of Financial Crime at Monzo said:

 “On Friday 6th April, around 50 customers got in touch with us to report fraudulent transactions on their accounts and we immediately replaced their cards.

“After investigating, our Financial Crime and Security team noticed a pattern: 70% of the customers affected had used their cards with the same online merchant between December of last year and April this year. That merchant was Ticketmaster. This seemed unusual, as overall only 0.8% of all our customers had used Ticketmaster.”

As the matter intensified, between 19-20 April, Monzo sent out six thousand replacement cards to customers who had used Ticketmaster. However, on 19 April, Ticketmaster claimed that there was no evidence of a breach. It also said that no other banks were reporting similar security patterns.

IS TICKETMASTER TO BLAME

Now having to defend this behaviour, Ticketmaster is blaming third-party supplier Inbenta for the security breach. And, it has been confirmed that the hack occurred due to a single piece of JavaScript code customised by Inbenta to meet Ticketmaster’s requirements. Identifying a weakness in this code, attackers used this vulnerability to extract customer information as they were paying for tickets.

However, the Inbenta CEO has said that:

 “Ticketmaster directly applied the script to its payments page, without notifying our team. Had we known that the customized script was being used this way, we would have advised against it, as it incurs greater risk for vulnerability.”

Either way, it is likely that Ticketmaster or Inbenta was negligent in safeguarding your data due to insufficient security systems. Just because they were a victim of a crime does not mean they are any less liable.

Worryingly, a senior software developer at a leading UK cybersecurity company has added:

“If the malicious actor had access to this ‘backend’ what else have they done and what dormant malicious code could still be residing ready to activate?”

 With data breaches on the rise, something has to be done to make big companies accountable for data losses, so claiming compensation isn’t just in your best interests, it could be the only way to ensure that businesses everywhere implement more secure processes.

 HAVE YOU BEEN AFFECTED?

UK customers who purchased, or attempted to buy, tickets between February and June 23 this year may be at risk, as well as international customers who purchased, or tried to purchase, tickets between September 2017 and June 23.

Ticketmaster has said that it has informed those involved. But, while it has offered customers free security software, it has not provided data breach compensation.

If you have been emailed by Ticketmaster and told that your details are at risk, make sure that by agreeing to any free offers, you are not inadvertently signing away your rights to make a data breach compensation claim.

 WHAT SHOULD YOU DO NOW?

With an ICO investigation now underway into the Ticketmaster data breach, whoever is to blame for this appalling data protection failure will no doubt have to pay a hefty fine. And, while the ICO does not award data breach compensation, our data breach solicitors can help you with that.

We have already been contacted by a high number of Ticketmaster customers who are worried that their personal data was not looked after as carefully as it should have been.

In response, at Hayes Connor, we are preparing to launch compensation claims for everyone who has had their data accessed in the Ticketmaster data breach. Depending on the numbers involved we may even start a group action against Ticketmaster.

To start your compensation claim, you will need you to register with us. We’ll let you know what is happening in this case and if and when you can make a data breach compensation claim.

Data breaches often have severe consequences for those affected so you could be entitled to around £5,000 in compensation.

REGISTER NOW