Business Legal Services Personal Legal Services

The Latest Data Breaches Revealed – Are YOU A Victim?

The Latest Data Breaches Revealed – Are YOU A Victim?

HMRC Penalty Notice Data Breach

The Institute of Chartered Accountants in England and Wales (ICAEW) have been among thousands of agents who have received penalty notices which are NOT for their clients.

HMRX were notified of the late-filing penalty notices for 2019/20 error that were all issued on 23rd March 2021. It was highlighted that the letters included notices for other members of the public and not for their clients. There were multiple errors being send out via post which has been put down to a lack of testing for automated systems at HMRC, which performed a bulk run that subsequently resulted in errors.

The total number of individual penalty notices sent to the wrong agent is 18,496 with 15,459 agents affected  by either receiving noticed they should not have or not receiving notices that were sent to another agent. Two tax payers also received agent copies relating to other tax payers.

All notices have been reissued and re sent with advice to discard notices that are not for the intended recipient.


Football Investors Identities Revealed Via DCMS Data Breach

The Department for Digital, Culture, Media and Sport (DCMS) confirmed data breach of hundreds of Football Index customers.

The breach occurred when an email was sent to more than 500 customers where the CC option was used as opposed to the BCC (blind carbon copy) option which would hide others copied into the email, therefore this exposed over 500 personal email addresses making those customer identifiable. The email surrounding the recent collapse of the gambling platform. In a response to those complains is how these customers became embroiled in the data breach.

A follow up email has been sent to those affected apologising for the recent copied in error asking for recipients to delete the email in question. It has not been highlighted if the breach has been reported to the ICO as of yet.


Merseyrail Ransomware Attack Withholding Employee and Customer Information

The ICO have been made aware of the incident which could affect Merseyrail’s employee’s and customers information. Mersyrail is a UK rail network that provides train service through sixty-eight stations in the Liverpool City Region in England.

The cyber-attack investigation has been launched after the cyber-criminals ‘Lockbit Ransomware Gang’ managed to operate the directors email sending an email to: BleepingComputer, various UK newspapers, and the staff of Merseyrail confirming the hack and providing evidence of the information they now withhold.

There is not an update to confirm if these details have been breached.






My Housing Association have ignored the problems in my property for years. When Angelus Law got involved they ended up getting all the problems fixed for free and I received thousands in compensation.

Alan Peters

When I moved into my house 4 years ago, it turns out my landlord didn’t protect my deposit until 2 months after I had moved in. Angelus Law recovered 3 times the amount of the deposit as compensation for me.

Julie Owens

I thought I had lost every chance of a happy retirement when my SIPP collapsed. My Financial Advisor had told me my money would be safe. Angelus recovered my full investment plus interest.

Marc Lyons