Hospital Metalcraft, also known as Bristol Maid, manufactures medical furniture and equipment. The medical manufacturer recently wrote to its employees to inform them of a data breach involving their personal data. This follows an IT security incident in which they suffered a ransomware attack. As a result, the personal data of employees’ has now been exposed.
On 16th October 2021, Hospital Metalcraft was subject to a data breach where hackers accessed their systems and copied information including employee data.
The hackers used ransomware – a type of malware designed to encrypt files on a device. This renders the files and the systems that rely on them unusable.
After encrypting the files, hackers then attempted to ransom the data back for profit.
The information accessed in the Hospital Metalcraft data breach was personal employee data. This includes, but is not limited to, full name, home address, email address, bank account details, date of birth, national insurance number, HR correspondence, job applications, and photographs of employees.
Hospital Metalcraft is working closely with two cybersecurity firms to conduct a thorough investigation. They have also notified the Police, Action Fraud and the Information Commissioner’s Office (ICO).
A data breach can result in identity theft or financial loss. Hospital Metalcraft is offering victims a twelve-month membership with Equifax Protect. This service provides users with identity protection and resolution of identity theft.
If your data has been compromised by the Hospital Metalcraft data breach, they should inform you of the situation.
Individuals can claim compensation for the loss of their personal data. To make a claim, you must be able to show that you have suffered because of the data breach. This can include financial damages or personal distress.
Commenting on the Hospital Metalcraft data breach, Mark Montaldo, Director and data breach specialist at CEL Solicitors, said: “Hackers are increasingly targeting employers who hold a veritable treasure trove of information for fraudsters. Employers, therefore, need to review their IT security to ensure they’re doing everything in their power to protect their staff. In this case, given the amount of personal data compromised, employees are naturally worried about potential identity theft. We’d therefore urge anyone affected to notify their bank, change, and strengthen their passwords, take advantage of any free credit check reports and most importantly look out for any suspicious activity. Time and time again we see victims of data breaches go on to be victims of fraud so those affected should be vigilant.”