Staff sue car dealership after cyber attack breach
A CYBER attack at a Mercedes dealership saw workers’ personal accessed – prompting staff to now take legal action against their employers.
Employees from the Mercedes dealership LSH Auto – which has sites in Erdington and Solihull – were affected after the security incident happened in June last year.
Specialist data breach law firm Hayes Connor confirmed the start of the group’s legal action. It includes both current workers at LSH’s eight dealerships and former members of staff.
The 106-strong group were first contacted by bosses at the firm by letter more than six months ago which led to serious concerns among those affected.
But Hayes Connor claimed that they “failed to get any answers from the company as to how their data had been breached and what happened to it”.
A letter warned staff the business had suffered a “security incident” on June 3, last year, which “may have resulted in unauthorised access to your personal data”.
It went on to say that the cyber attack was carried out by “unknown and unauthorised individuals.”
Experts at Hayes Connor have been working with a growing number of people affected by the breach since then.
It is feared bank details, National Insurance numbers and other personal information could have been compromised in the attack. Christine Sabino, a legal director from Hayes Connor, said: “Being told out of the blue that your data has been breached is worrying enough, but all of those affected still don’t know which data was accessed and what might have happened to it. “Whether they still work for this dealership or not, every single one of our clients has a right to know exactly what went wrong here.
“LSH owes each and every person affected an explanation for this unnecessary distress and should say what they intend to do for them.”
Martyn Webb, the managing director at LSH Auto UK, said: “In June 2021, LSH Auto UK was the victim of a sophisticated cyberattack contained to its UK business. We take the security of our systems and data extremely seriously, and so we immediately took action to protect our systems and engaged forensic specialists to investigate.
“We took immediate steps to protect our employees and communicate with them. Our investigations concluded that there was no evidence that any potentially compromised data had been misused and the Information Commissioner’s Office subsequently confirmed that it would not be taking any further action.”