Employees Blame Their Employer For Data Theft

A sophisticated cyber attack at a midlands Mercedes dealership led to 'personal data of more than 100 staff being accessed', a data breach specialist law firm has claimed. 

The security breach has now prompted staff to take legal action against their employers.

Legal experts from Hayes Connor are conducting the legal action against Mercedes dealership LSH Auto, which has dealerships in Stockport and Bury, after failing to get any answers from the company about how the data had been breached and what had happened to it.

Staff from the Mercedes dealership LSH Auto, which has sites in Erdington and Solihull, have been affected and this 'security incident' that happened in June 2021.

But today specialist data breach law firm Hayes Connor confirmed the start of the group's legal flight. It includes both current workers at LSH’s eight dealerships and former members of staff. The 106-strong group were first contacted by bosses at the firm by letter more than six months ago which led to serious concerns among those affected. But Hayes Connor said that they "failed to get any answers from the company as to how their data had been breached and what happened to it."

A letter warned staff the business had suffered a "security incident" on June 3, last year, which “may have resulted in unauthorised access to your personal data”. It went on to say that the cyber attack was carried out by "unknown and unauthorised individual(s)."

Experts at Hayes Connor have been working with a growing number of people affected by the breach since then. The firm said the action was a bid to find out exactly how the cyber attack could have happened and what data had been accessed.

It is feared bank details, National Insurance numbers and other personal information could have been compromised in the attack. This, the group’s legal advisers say, has caused them "months of concern as they wait to find out more.

The initial letter caused huge concern amongst those affected," said Christine Sabino, a Legal Director from Hayes Connor. "Being told out of the blue that your data has been breached is worrying enough, but all of those affected still don’t know which data was accessed and what might have happened to it... Whether they still work for this dealership or not, every single one of our clients has a right to know exactly what went wrong here. LSH owes each and every person affected an explanation for this unnecessary distress and should say what they intend to do for them.”

The legal action raises important questions about the responibilty of employers to protect  private, highly personal information and the extent of their liabity when it is exposed or stolen.

Martyn Webb, the managing director at LSH Auto UK, said: “In June 2021, LSH Auto UK was the victim of a sophisticated cyber-attack contained to its UK business. We take the security of our systems and data extremely seriously, and so we immediately took action to protect our systems and engaged forensic specialists to investigate the incident... Our investigations concluded that there was no evidence that any potentially compromised data had been misused and the Information Commissioner’s Office subsequently confirmed that it would not be taking any further action.

“We are sorry this happened and the uncertainty that it caused, we take such matters seriously and have and continue to take all necessary steps to protect against cyber attacks.” Webb said. 

Birmingham  Mail:     Online News UK:    Cyber Security InsidersOlxpraca:     Image: Unsplash

You Might Also Read: 

Blame The Boss For Cyber Attacks:

 

« Hacker Behind Kaseya Ransomware Attack Extradited
Ukraine's 'IT Army' Risks Being Hijacked By Malware »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Global Secure Solutions (GSS)

Global Secure Solutions (GSS)

Global Secure Solutions is an IT security and risk consulting firm and authorised ISO training partner for the PECB.

Brit

Brit

Brit PLC is a market-leading global specialty insurer and reinsurer, focused on underwriting complex risks including cyber, privacy and technology.

ShmooCon

ShmooCon

ShmooCon is an annual east coast hacker convention offering three days of demonstrations and discussions of critical infosec issues.

CyberESI

CyberESI

CyberESI is a Managed Security Service Provider providing 24x7 remote security monitoring and management of your mission-critical networks.

RedSeal

RedSeal

RedSeal’s network modeling and risk scoring platform is the foundation for enabling enterprise networks to be resilient to cyber events.

Arsenal Recon

Arsenal Recon

Arsenal Recon are digital forensics experts, providing consultancy services and powerful software tools to improve the analysis of electronic evidence.

Compnet

Compnet

Compnet is a service company that assists customers in integrating complete ICT systems including network infrastructure and security solutions.

Aptiv

Aptiv

Aptiv is a global technology company that develops safer, greener and more connected solutions enabling the future of mobility.

Onfido

Onfido

Onfido is building the new identity standard for the internet. We digitally prove people’s real identities using a photo ID and facial biometrics.

Prodera Group

Prodera Group

Prodera Group is a specialist technology consulting partner trusted to help navigate the complex and dynamic lifecycle of change and transformation.

The Citadel Department of Defense Cyber Institute (CDCI)

The Citadel Department of Defense Cyber Institute (CDCI)

CDCI is established to address the critical national security needed for a skilled cybersecurity workforce.

NTT Group

NTT Group

NTT offers agile, scalable technology services to bring it all together seamlessly, securely, and sustainably. We help you adopt a holistic security approach across your network, clouds, applications.

StickmanCyber

StickmanCyber

At StickmanCyber we are on a mission to create a digital world that is safe for everyone - we are your trusted cybersecurity partner.

gener8tor

gener8tor

The gener8tor Cybersecurity Accelerator offers a cutting-edge program in San Antonio, home to the second-largest concentration of cybersecurity experts in the United States.

Rescana

Rescana

Rescana offers a cyber risk management platform with the vision to remove the security team bottlenecks, accelerating business processes that require risk assessment.

eGyanamTech (EGT)

eGyanamTech (EGT)

eGyanamTech provides robust security solutions tailored for Operational Technology (OT) and Supervisory Control and Data Acquisition (SCADA) systems used in critical infrastructure systems.