fbpx

0151 459 5850

Search
Close this search box.

Latest Data Breach Round-Up – June 2024

Facebook
Twitter
LinkedIn

In our regular update, we provide a roundup of some of the data breaches that occurred over the last few months.   

Southern Water

Earlier this year, Southern Water revealed that some of its data had been breached. The security violation happened following an “illegal intrusion” into the company’s IT systems. In other words, a cyber-attack.   Data belonging to 5-10% of customers has been stolen in the cyber-attack. However, Southern Water provides essential water services to 2.5 million customers and wastewater services to more than 4.7 million customers, so this has the potential to be a far-reaching data breach. 

Our data protection lawyers are investigating this incident. If we believe poor security processes at Southern Water led to this data breach, we will launch a no-win, no-fee compensation claim. 

FIND OUT MORE 

23andMe

The Information Commissioner’s Office (ICO) has launched a joint investigation into the 23andMe data breach with the Office of the Privacy Commissioner of Canada (OPC).   The news of the joint investigation into the data breach implies that weaknesses in 23andMe’s data security processes did exist. In our opinion, the ICO is notoriously under resourced and is unlikely to launch an investigation into a hack without cause to do so.   

FIND OUT MORE 

2Plan

In May 2023, 2plan discovered a cyberattack. The firm alerted the FCA, the Information Commissioner’s Office, advisors, and some clients about the breach. In March 2024, 2plan contacted more clients to warn them that their data may also have been stolen in the ‘cyber incident’. 

Ministry of Defence

Earlier this year, the personal information of serving UK military personnel was accessed in a significant data breach. The hack targeted a payroll system used by the Ministry of Defence (MoD). The Chinese state is reported to be behind the attack.   

In 2023, payroll provider Zellis was hacked after cybercriminals – believed to be part of a Russian crime group – exploited a security flaw in the MOVEit software.    

Lewisham Council

In May 2024, the BBC revealed that Lewisham Council published personal resident data on its website for almost a year. The information related to people who had commented on a planning application. The names, addresses and contact details of 156 people were publicly available online for 11 months.  

NHS Dumfries and Galloway

A hacker group gained possession of some patient data after a cyber-attack against NHS Dumfries and Galloway. A darknet post by Inc Ransom alleged that it had stolen three terabytes of data from NHS Scotland. The hackers posted a “proof pack” of some of the data, which has been confirmed as genuine. 

In March 2024, our firm changed its name to KP Law. 

Search KP Law

Group Action Cases

FIND OUT MORE ABOUT OUR CURRENT GROUP ACTION CASES HERE.

Recent Posts

Follow us:

Twitter Linkedin Facebook

Share this article:

Recent awards, shortlistings, and listings

KP Law has some of the most skilled data breach lawyers in England and Wales. Here are just some of our success stories.

Previous
Next
Read more about our success and recognition
CONTACT US
  • 0151 459 5850
  • enquiries@kpl.co.uk
  • 316 - 319 Cotton Exchange Old Hall Street, Liverpool, L3 9LQ
  • 81 Chancery Lane, London, WC2A 1DD
  • Two Snowhill, Birmingham, B4 6GA
  • 3 Hardman Square, Spinningfields, Manchester, M3 3EB
USEFUL LINKS
START A CLAIM

KP Law is a founding member of the Collective Redress Lawyers Association (CORLA). CORLA aims to improve access to justice for claimants by way of collective redress.  

FOLLOW US
Facebook Linkedin

Disclaimer | Privacy Policy | Cookies |  Complaints | Equality & Diversity