In November 2021, Stor-a-File, a document management company, announced that data it held electronically for 13 organisations, had been hacked by cyber-criminals in August 2021. After Stor-a-File refused to pay a ransom, the cyber-criminals have posted some of this stolen information on the dark web, a part of the internet used by criminals that is accessible with specialist software.
While the identify of all 13 organisations is not known, it has been confirmed that Stor-a-File customers affected by the data breach include:
- The Lister Fertility Clinic
- Marie Stopes
- The British Pregnancy Advisory Service
who say that they have informed all patients affected by the data breach that their very sensitive medical records have been hacked.
It is also thought that the data breach affected the Nuffield Health Leicester Hospital and a small number of NHS Trusts and that the stolen files include the names of British military personnel in Kuwait and people who work in military intelligence.
Those affected by the data breach are likely to have claims for compensation under the General Data Protection Regulation for failing to keep their personal data safe. Given the very sensitive nature of the data, these claims are likely to be substantial.
Why use Leigh Day
Our team has more than 20 years' experience advising on data protection and privacy matters and are recognised as being experts in this field
We have secured compensation in cases where clients' personal, medical and financial information was wrongly accessed.
We have settled cases against a range of companies, the Government, the police, local authorities and the NHS.
Data breach by Stor-a-File affecting Lister Fertility Clinic, Marie Stopes and British Pregnancy Advisory Service
Leading data breach lawyers say that this month’s announcement by Stor-a-File, the document management firm, that data it held electronically for 13 organisations, had been hacked is likely to lead to substantial claims for compensation by those affected.