fbpx

0151 459 5850

Search
Close this search box.

Mainspring Data Breach

THIS ACTION IS NOW CLOSED

In July 2022, Mainspring wrote to clients to alert them to a data breach. The security failure happened when hackers gained access to Mainstream’s systems and data and carried out a ransomware attack.

In 2022, Mainspring, which provides fund administration and accounting services, experienced a severe data breach. The company, which serves 80 fund managers and manages over £8 billion in assets, contacted its clients to let them know about the privacy violation. This email was sent on 19 July.

The information potentially exposed in the Mainspring attack included:  

  • Data revealing racial or ethnic origin  
  • Health data  
  • Basic personal identifiers e.g., first name, surname, salutation
  • Contact details e.g., email address, residential address, postal address
  • Identification data e.g., usernames
  • Economic and financial data e.g., bank details, investment holdings, cash balances 
  • Official documents e.g., driving licenses 
  • Location data 
  • Criminal convictions, offences  

This information related to investors and fund managers, although not all the information applies to each group. People who had previously had a relationship with Mainspring may also have been affected. 

Mainspring contacted those affected by this breach. 

Here’s what we know about the security incident:
  • Mainspring’s threat detection software identified suspicious activity within its core IT system on 12 July 2022
  • Hackers gained access to Mainstream’s systems and data and carried out a ransomware attack. The ransomware had been installed on various servers
  • Mainspring was able to lock down its system and prevent further damage
  • Mainspring was able to restore all of the data it holds from backups
  • It is unclear how much personal adviser and client data the hackers were able to access during the attack, or what has (or will) be done with this information.

Why did victims of this breach claim data breach compensation?

To hold Mainspring to account for failing to protect their private information.

To receive financial compensation for any losses related to this breach.

To force Mainspring to implement better data security.

People affected by the Mainspring data breach were at risk

While Mainspring said that the breach did not affect client money, and that there was no evidence of an attempt to access bank accounts, it simply could not be sure that the stolen data would not be used maliciously.  

Mainspring did acknowledge that those affected should be “extra vigilant for suspicious emails and potential phishing attempts”. It also warned those people it held bank details on to monitor their account(s) for any unusual activity. 

Similar data breaches have resulted in fraud, blackmail, and identity theft, so investors and fund managers were at high risk of being targeted by cybercriminals. 

Mainspring data breach timeline

  • 12 July 2022
    Mainspring’s threat detection software identifies suspicious activity within its core IT system
  • 14 July 2022
    Mainspring files an incident report with the ICO
  • 19 July 2022
    Early-stage results from Mainspring’s investigation reveals that some data has been exfiltrated from its system. Mainspring contacts affected individuals to notify them about the breach
  • 22 July 2022
    Mainspring provides additional information about password protection and what individuals can do to better protect themselves online
  • 29 July 2022
    Mainspring engages to two independent third parties to “provide additional oversight and review of our system restoration as well as secondary monitoring and investigation of the forensic data.”

Your questions answered

See our answers to the FAQs we got asked about the Mainspring Data Breach.

How did the security incident happen?

In July 2022, Mainspring experienced a ransomware cyberattack. Mainspring investigated the incident and discovered that some personal data had been accessed. This information relates to investors and fund managers. 

What data was accessed?

The information potentially exposed in this attack included:  

  • Data revealing racial or ethnic origin
  • Health data
  • Basic personal identifiers e.g., first name, surname, salutation
  • Contact details e.g., email address, residential address, postal address
  • Identification data e.g., usernames
  • Economic and financial data e.g., bank details, investment holdings, cash balances
  • Official documents e.g., driving licenses
  • Location data
  • Criminal convictions, offences  
Was my data accessed?

If you were affected by the data breach, Mainspring should have been in touch to notify you. 

How did Mainspring respond to the attack?

Mainspring did not engage with the perpetrators or pay the ransom demanded. Mainspring did file an incident report with the ICO on Thursday 14 July 2022. It also reported the incident to Action Fraud.  

Can I make a Mainspring data breach claim?

Our action is now closed. So you cannot make a claim with our firm. 

Recent awards, shortlistings, and listings

KP Law has some of the most skilled data breach lawyers in England and Wales. Here are just some of our success stories.

Previous
Next
Read more about our success and recognition
CONTACT US
  • 0151 459 5850
  • enquiries@kpl.co.uk
  • 316 - 319 Cotton Exchange Old Hall Street, Liverpool, L3 9LQ
  • 81 Chancery Lane, London, WC2A 1DD
  • Two Snowhill, Birmingham, B4 6GA
  • 3 Hardman Square, Spinningfields, Manchester, M3 3EB
USEFUL LINKS
START A CLAIM

KP Law is a founding member of the Collective Redress Lawyers Association (CORLA). CORLA aims to improve access to justice for claimants by way of collective redress.  

FOLLOW US
Facebook Linkedin

Disclaimer | Privacy Policy | Cookies |  Complaints | Equality & Diversity