Bill Singer comments on the Arnold Clark data breach claim in Computer Weekly

data breach

Share this article:


Associate Bill Singer has commented on the ongoing Arnold Clark data breach claim and the fraud risks to those impacted in Computer Weekly.

Bill’s comments were published in Computer Weekly, 13 June 2023, and can be read here.

Bill said that frauds linked to the Arnold Clark breach are appearing all over the UK: “numerous clients have uncovered evidence of identity theft, for example, unauthorised credit checks, sometimes dozens a day. Other clients have actually reported fraud going through.

“Huge numbers of them are experiencing an elevated level of fraud attempts, a whole variety of phishing, social media messages, text messages. Lots have had cold calls as well – for example, bogus calls from their bank’s fraud department. They are seeing a wide variety of cyber-criminal activity.

“Whether the fraud is small or large it has the same consequences, you still need to get your money back. You still need to spend extra time protecting yourself against future frauds. You might have an impacted credit score – I have clients who have been refused credit on new cars due to all of these identity theft attempts.

“We will be keenly awaiting the outcome of the ICO investigation. We also know the ICO is investigating at least one complaint from Arnold Clark customers who have been dissatisfied with the response to the data breach.

“The ICO has very heavy fining powers and we would expect a broad fine if any breaches are upheld, but what they can’t do is award any compensation to individual customers who complain.

“The whole essence of the case is that Arnold Clark could and should have done more.”

Connor Hewitt, a claimant in the case who works in the cyber security sector, also said: “I remember getting the notification – I was in the gym and I remember the email popping up. It basically said we believe your data was included in a data breach.

“Obviously that [Mail on Sunday] article came out and the first thing that came into my head was, ‘I bought a car from them, I wonder if my information is part of that breach.’ And then…I got the email to say my information was part of that.

“It’s not been too bad because I can spot them quite easily based on the work I do – I do phishing training all the time with customers.

“There have been spikes in… likes on Instagram, direct messages with links, spikes in Facebook friend requests – again, slightly dodgy ones. There have been 30, maybe pushing 40, credit checks done against me. I’ve had text messages off companies trying to say, ‘You’ve got parcels being delivered, please check this parcel”, and all that kind of stuff. Sometimes that happens when you have ordered something, as well.”

In February 2024, our firm changed its name from Keller Postman UK to KP Law.

Share this article: