Employees Blame Their Employer For Data Theft

A sophisticated cyber attack at a midlands Mercedes dealership led to 'personal data of more than 100 staff being accessed', a data breach specialist law firm has claimed. 

The security breach has now prompted staff to take legal action against their employers.

Legal experts from Hayes Connor are conducting the legal action against Mercedes dealership LSH Auto, which has dealerships in Stockport and Bury, after failing to get any answers from the company about how the data had been breached and what had happened to it.

Staff from the Mercedes dealership LSH Auto, which has sites in Erdington and Solihull, have been affected and this 'security incident' that happened in June 2021.

But today specialist data breach law firm Hayes Connor confirmed the start of the group's legal flight. It includes both current workers at LSH’s eight dealerships and former members of staff. The 106-strong group were first contacted by bosses at the firm by letter more than six months ago which led to serious concerns among those affected. But Hayes Connor said that they "failed to get any answers from the company as to how their data had been breached and what happened to it."

A letter warned staff the business had suffered a "security incident" on June 3, last year, which “may have resulted in unauthorised access to your personal data”. It went on to say that the cyber attack was carried out by "unknown and unauthorised individual(s)."

Experts at Hayes Connor have been working with a growing number of people affected by the breach since then. The firm said the action was a bid to find out exactly how the cyber attack could have happened and what data had been accessed.

It is feared bank details, National Insurance numbers and other personal information could have been compromised in the attack. This, the group’s legal advisers say, has caused them "months of concern as they wait to find out more.

The initial letter caused huge concern amongst those affected," said Christine Sabino, a Legal Director from Hayes Connor. "Being told out of the blue that your data has been breached is worrying enough, but all of those affected still don’t know which data was accessed and what might have happened to it... Whether they still work for this dealership or not, every single one of our clients has a right to know exactly what went wrong here. LSH owes each and every person affected an explanation for this unnecessary distress and should say what they intend to do for them.”

The legal action raises important questions about the responibilty of employers to protect  private, highly personal information and the extent of their liabity when it is exposed or stolen.

Martyn Webb, the managing director at LSH Auto UK, said: “In June 2021, LSH Auto UK was the victim of a sophisticated cyber-attack contained to its UK business. We take the security of our systems and data extremely seriously, and so we immediately took action to protect our systems and engaged forensic specialists to investigate the incident... Our investigations concluded that there was no evidence that any potentially compromised data had been misused and the Information Commissioner’s Office subsequently confirmed that it would not be taking any further action.

“We are sorry this happened and the uncertainty that it caused, we take such matters seriously and have and continue to take all necessary steps to protect against cyber attacks.” Webb said. 

Birmingham  Mail:     Online News UK:    Cyber Security InsidersOlxpraca:     Image: Unsplash

You Might Also Read: 

Blame The Boss For Cyber Attacks:

 

« Hacker Behind Kaseya Ransomware Attack Extradited
Ukraine's 'IT Army' Risks Being Hijacked By Malware »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Conscio Technologies

Conscio Technologies

Conscio Technologies is a specialist in IT security awareness. Our solutions allow you to easily manage innovative online IT awareness campaigns.

Talend

Talend

Talend is a leader in cloud and big data integration software. Applications include Risk and Compliance management.

Syhunt Security

Syhunt Security

Syhunt is a leading player in the web application security field, delivering its assessment tools to a range of organizations across the globe.

Synectics Solutions

Synectics Solutions

Synectics deliver solutions for reducing risk, combating financial crime, and enabling organisations to meet their compliance and regulatory commitments.

Egnyte

Egnyte

Egnyte delivers secure content collaboration, compliant data protection and simple infrastructure modernization; all through a single SaaS solution.

Workz Group

Workz Group

Workz connects and protects mobile subscribers of today and tomorrow by providing secure removable or embedded SIMs and remote provisioning solutions for consumer, M2M and IOT devices.

Braintrace

Braintrace

Braintrace’s services include Managed Detection and Response (MDR), Managed SIEM, SIEM-as-a-Service, SOC-as-a-Service, Advisory Services, and Incident Response.

Seavus Accelerator

Seavus Accelerator

Seavus Accelerator's goal is to create an enabling and stimulating environment for start-ups growth and provide continuous high quality acceleration and investment support.

Neudomains

Neudomains

Neudomains is a Corporate Domain Name Management and Brand Protection Online Specialist. One of the world's top providers of online brand protection and enforcement.

Adyta

Adyta

Adyta specializes in cybersecurity solutions adapted to the needs of sovereign institutions, business groups and other organizations that handle information and sensitive or classified data.

Bloc Ventures

Bloc Ventures

Bloc Ventures is an investment company providing long-term, ‘patient’ equity capital to early stage unquoted deep technology companies.

Etisalat

Etisalat

Etisalat Group is one of the world’s leading telecom groups in emerging markets.

AnyTech365

AnyTech365

AnyTech365 is a leading European IT Security and Support company helping end users and small businesses have a worry-free experience with all things tech.

PreVeil

PreVeil

We started PreVeil to bring radically better security to ordinary business and personal communication and information storage.

Finesse Global

Finesse Global

Finesse is a global system integration and digital business transformation company.

HCS

HCS

HCS is an IT Company and Telecoms provider with an experienced team who are dedicated to ensuring our clients business systems are protected.