Urgent: Review your Data Security Now as 500m Yahoo Accounts Hacked in Largest Ever Data Breach

Hackers have stolen information from half a billion Yahoo user accounts worldwide, including 8 million UK user accounts, in what is believed to be the largest and most high profile publicly declared data security breach in history. The incident serves as a reminder to organisations to urgently review their data security processes and procedures in line with legal requirements. What happened? The incident occurred in late 2014 but only came to light in August 2016 when a hacker was discovered selling Yahoo user account information online. The stolen information comprised: user names; e-mail addresses; telephone numbers; dates of birth; and encrypted and unencrypted security questions and ans

Direct Marketers: Beware of Trigger-Happy ICO as £100,000 Fines Issued

The Information Commissioner’s Office (the “ICO”) has issued £100,000 fines against organisations engaged in illegal direct telephone call and text marketing activity. As the ICO averages fines of almost £10,000 per day in 2016 and receives around 13,000 complaints per month, organisations must now review their direct marketing strategies and push legal compliance higher up their corporate agendas before it is too late. What does the law say? Direct marketing laws are contained within the Data Protection Act 1998 (“DPA”) and the Privacy and Electronic Communications (EC Directive) Regulations 2003 (“PECR”). Organisations cannot send unsolicited electronic direct marketing communications (e-

Nursing Home fined £15,000 for Data Security Breach

A nursing home has been fined £15,000 by the UK Data Protection Regulator, the Information Commissioner’s Office (the “ICO”), because it did not take adequate steps to protect personal data taken home by a staff member on an office laptop. The laptop was stolen from the staff member’s house during a burglary. What was on the laptop? The laptop contained information concerning staff disciplinary matters and absence (including reasons for absence and medical certificates) and information regarding residents’ physical and mental health conditions. This is sensitive personal data for the purposes of the Data Protection Act 1998 (the “DPA”). What does the DPA say? The DPA requires organisations

Featured Posts
Recent Posts
Search By Tags
Follow Us
  • Black Twitter Icon
  • Black Facebook Icon



272 Bath Street


G2 4JR




Tel: 07852 905 779




Open Monday to Friday

8.00am to 6.00pm

  • Black Twitter Icon
  • Black Facebook Icon


Website By DesignReDesign.co.uk

Information Law Solutions Limited is a company incorporated in Scotland with registered number SC543438 and having its registered office at 272 Bath Street, Glasgow, G2 4JR

  • Twitter - Black Circle
  • Facebook - Black Circle