In late April, it was revealed that the online digital services for Legal Aid, the Government agency responsible for providing legal funding, had been hit by a cyber attack. It was initially thought that the only systems compromised were the ones which allow Legal Aid providers to log the work that they complete and receive payments from the Government, but we now know that in addition to this, a significant amount of personal data, including contact details, addresses, dates of birth, criminal records, national ID numbers, employment status has also been compromised. It is estimated that roughly 2 million pieces of data are affected.

Coinbase, an American based cryptocurrency exchange has confirmed that following a cyber attack last week, customer data has been stolen. In a report to the United States Securities and Exchange Commission, Coinbase say that they received an email from an unknown actor claiming that had obtained information about certain Coinbase customer accounts and internal documentation regarding customer service and account management systems.

The ICO have announced that they have taken enforcement action against Newcastle based sole trader Darian Bishop (trading as ECO4U) after it was found that they had made 194,110 unsolicited marketing calls to individuals who were registered with the Telephone Preference Service. This was picked up by the ICO in October 2023 after only 21 complaints to them and the TPS.

In April, Marks & Spencer was hit by a cyber attack which continued to cause issues both in store and online. It has now been revealed that as part of this incident, some personal customer data has been stolen, potentially including names, dates of birth, contact information, home addresses and online order history.

AFK Letters, a company who writes letters on behalf of customers seeking compensation or refunds for products and services, has been fined £90,000 by the ICO following an investigation which found they had made over 95,000 marketing calls without being able to demonstrate consent from the individuals contacted.

The European Commission, the body responsible for drafting proposals for new European legislation, has fined Apple €500 million and Meta €200 million for breaches of the Digital Markets Act. They found that Apple had breached its anti-steering obligations, and that Meta had breached its obligation to offer consumers the choice of a service which uses less of their personal data.

Following the discovery of an attempted hack, The Co-op have been forced to shut down parts of their IT system. On the 29th of April, a letter was sent out to members of staff that as part of measures taken to “keep systems safe”, access to some systems had been “pre-emptively withdrawn”. It is not expected that this’ll impact customers directly, with only back office and call centre services being slightly impacted.

The ICO have announced that law firm DPP Law Ltd have been fined £60,000 following a cyber attack in June 2022, that led to sensitive and personal data being published on the dark web.

The Information Commissioner’s Office have confirmed that software provider Advanced Computer Software Group Ltd (Advanced) have been fined £3 million over security failings that in 2022, led to a ransomware attack that disrupted critical NHS services and compromised the personal data of roughly 80 thousand patients.

The Government announced the introduction of the Data (Use and Access) Bill (DUA Bill) in the House of Lords on 23rd October 2024 – the first draft of Labour’s proposed changes to data protection law following the failure by the former Conservative Government to embed their Data Protection and Digital Information Bill (DPDI Bill) in law.

A Bedford-based security expert (PRIVACYHELPER) has raised concerns over the planned use of facial recognition software by Bedfordshire Police at this weekend’s River Festival.

Say ‘data protection’ or ‘privacy’ to most businesspeople, and their eyes roll. They know it’s important, they know they need to be on it, but it is so complex. But say those same words to Andy Chesterman, Managing Director of Bedford-based PrivacyHelper, and his eyes light up…