BreachExchange mailing list archives
Abuse victims data breach could cost £2.5m in damages
From: Destry Winant <destry () riskbasedsecurity com>
Date: Thu, 28 May 2020 08:20:21 -0500
https://www.belfasttelegraph.co.uk/news/northern-ireland/abuse-victims-data-breach-could-cost-25m-in-damages-39230665.html An apology from Northern Ireland abuse victims' advocate Brendan McAllister for a serious data breach at his office does not go far enough, it has been claimed. While other victims have said they retain their confidence in Mr McAllister, who said he won't be standing down, Margaret McGuckin from the Survivors of Institutional Abuse (Savia) group said he must go further than saying sorry. "He doesn't realise the seriousness of it. Anybody in any position of power would do the right thing, put their hands up," she told the BBC. "Yes, he's apologised and many may be appreciative of that, but his apology is not working." Interim Victims’ Commissioner will consider his ‘situation’ over damaging leak A newsletter was sent out on Mr McAllister's behalf on Friday but listed the emails of 250 people, including abuse victims. Many victims have already indicated that they intend to sue for damages, which a legal source told the Belfast Telegraph could cost as much as £2.5m. The interim advocate for victims apologised again yesterday, but said he would wait for the results of an investigation from the Information Commissioner before considering his position. Mr McAllister told the BBC it would be counterproductive to leave his post before a permanent appointment was made. Abuse victims data breach could cost £2.5m in damages "It's important from my point of view that I continue for this next number of months before the appointment of a commissioner, to make sure that everything can be put in place," he said. "To step aside at this stage would lose valuable months. However, an investigation will take place and if in any way I am found to be personally culpable in this matter, of course I'll have to consider my position." One man who said he had been identified on the list, who asked only to be referred to as PJ, said he would be taking legal action and that Mr McAllister could not defend his position. He also claimed his name had previously been published in error when he gave evidence to the Historical Institutional Abuse Inquiry in 2014, which resulted in him being attacked. "To say I am outraged is an understatement," he said. "This release of victims' email addresses is no trivial matter and Brendan McAllister, I believe, should very carefully consider his position." He said the investigation needed to determine if proper security procedures were in place to prevent a serious data breach. A member of the St Patrick's Survivors group also said one of their members had been included on the list and was extremely distressed. "Every day [Mr McAllister stays in his post] is causing even further pain and distress and the lack of action is unacceptable," they said. However, Jon McCourt from the group Survivors North West said on Sunday he did not believe Mr McAllister should step down, although the breach had been highly embarrassing. Yesterday he told the BBC that some members of the Rosetta Trust and Survivors Together also backed him to stay. "I saw the whole list and I was shocked. It was a massive breach of confidentiality of all of those who were named," he said. Mr McCourt noted that there had been a failed attempt to retrieve the original email before the issue was made public. "I'm looking at the impact that this has had on people that I have spoken to over the weekend. They range from a feeling of betrayal right through to anger, particularly from people who had previously been victims of a breach of confidentiality through the HIA. "This was a double hit for them. Without doubt this has had a massive personal impact for people who engage with the inquiry." _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Abuse victims data breach could cost £2.5m in damages Destry Winant (May 28)