Data Protection
Data breaches or data leaks can sometimes have serious consequences. It cannot be ruled out that those affected may become victims of fraud and identity theft. The resulting damages can at best be claimed against data protection officers and their processors.
We are currently supporting data subjects in the following data breaches:
Gebühren Info Service GmbH (GIS) is in charge of collecting and billing the ORF broadcasting fee in Austria.
GIS commissioned an IT company to restructure the database. Due to an error in June 2020, a total of nine million Austrian registration data were probably unencrypted on the internet for almost a week.
This means that all Austrian citizens and companies could be affected by the data incident.
In cooperation with lawyer Robert Haupt, LL.M., we have started a class action.
Ledger SAS, based in Paris, has been hacked and personal customer data has been stolen, which is now online and accessible to anyone. In general, any person who has suffered material or immaterial damage as a result of a breach of the GDPR is entitled to claim damages from the responsible party, i.e. Ledger SAS, in accordance with its Article 82.
More than 24,000 positive coronavirus tests from Tyrol, including the associated personal data, have been disclosed. Apparently, everyone who tested positive for the coronavirus in Tyrol between January 2021 and June 2021 is affected. We have initiated a collection procedure for those affected.
According to media reports in the computer magazine c't and the weekly newspaper Zeit, there was a serious data leak at the car rental company Buchbinder as early as January 2020. As a result, personal data of three million customers leaked unencrypted onto the internet, where it was freely accessible to any internet user. Apparently, all Buchbinder customers (car renters and drivers) from 2003 to 2020 are affected.
The disclosure of personal data is likely to constitute a serious breach of the DSGVO (European Data Protection Regulation). According to Art 82 DSGVO, any person who has suffered material or immaterial damage due to a data protection violation is entitled to claim damages against the responsible party, thereby against Buchbinder.
We have set up a collection procedure for affected parties.