December 23, 2020
December 23, 2020

Sorry, I don’t speak Legalese: Breach

What is a Breach? 

A breach is the act of someone breaking, or failing to observe, their legal obligations. A contract can be breached in whole or in part. 

In the case of a data breach, a trusted company can violate their legal obligations to a customer by having insufficient data security and not treating your data with the care it deserves. 

Personal Data Breaches

According to the General Data Protection Regulation (GDPR), a personal data breach is “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed”.

Personal data only includes information relating to natural persons who can be identified or who are identifiable, directly from the information in question. Or those who can be indirectly identified from that information in combination with other information.

An individual is ‘identified’ or ‘identifiable’ if you can distinguish them from other individuals. The GDPR gives the following examples of ‘identifiers’:

  • Names
  • Addresses
  • Debit and Credit Card Numbers
  • CVVs

Personal data breaches can be categorized into:

  1. Confidentiality breach: Where there is an unauthorized or accidental disclosure of, or access to, personal data. This type of breach is most common with patients’ records.
  2. Availability breach:  Where there is an accidental or loss of access to, or destruction of, personal data. 
  3. Integrity breach: Where there is an unauthorized or accidental alteration of personal data.

All three categories can be involved in one single breach, depending upon the circumstances.

Three Famous Data Breaches

1. Marriott Hotels

A 2018 data breach by Marriott hotels led to the compromise of over 300 million guests’ personal data. Payment card numbers and expiry dates posed the most immediate risks, but passport numbers, dates of birth and email addresses were among other sensitive information left open to cyber attackers.  The ICO fined Marriott £99 million.  

2. Virgin Media

It was announced in 2020 that a Virgin Media database with more than 900,000 clients’ personal information was left unsecured for 10 months.  Phone numbers, email addresses and home addresses were easily accessed by third parties during the leak. A formal apology was offered, and an email was sent out to all victims affected, but no compensation was given. 

3. British Airways

The BA data breach took place in 2018, and it is estimated that it affected more than 420,000 people throughout the UK and the world.  Full names, debit and credit card numbers (including CVVs), addresses, and email addresses were among the personal data leaked. 

We are currently seeking justice for thousands of victims involved in the BA data breach.

How Can I Protect Myself from a Data Breach?

  1. Use strong and unique passwords for each of your accounts
  2. Create these strong passwords using a password generator
  3. Turn on dual-factor authentication for each account where it is offered
  4. Update your devices and ensure they are running the latest operating system versions
  5. Backup your data – turn on automatic backups where possible.

You can find out more, here. 

More Opinions

Jan Faulkner: 'Why I’m launching a campaign to extend the limitation period on medical devices'
Pogust Goodhead's Client Liason Officer Jan Faulkner has launched a campaign called 'Raise the Limit' to extend the medical limitation period.
Read More
New guidelines balance the twin interests of promoting competition and protecting the environment 
The Competition and Markets Authority recently published guidance to help businesses understand how they can lawfully collaborate on environmental sustainability...
Read More
Re-analysis of puberty blockers study raises concerns about mental health in transgender youth
In 2011, a study initially found that hormone blockers made 'no change' to psychological function, but a reanalysis of the data showed that 34% of participants...
Read More