Kingsley Hayes comments on the Parasol data breach

room of computer servers and man checking them

Share this article:


Computer Weekly published an article reporting on the Parasol umbrella company data breach in which cybercriminals accessed the personal information of contractors and employees.

Kingsley Hayes, Head of Data Breach, commented:

“Going on what we’ve seen, there is data there that goes back as far as 2011 and 2009, so anyone who has used Parasol in the last 10 years – at least – could have some data on that [leaked] database.”

Speaking of Keller Lenkner UK’s claim, Kingsley said:

“An action like this basically takes the form of gathering up interested parties and getting together as many of them as we possibly can to launch a claim… and seek recompense for the issues that those affected have sustained.” 

He also added:

“There is a great concern at the moment, certainly from our clients, that there is a lack of information coming out from Parasol and the [Optionis] Group generally about what they propose to do about this and how they propose to protect the position of the individuals or companies affected.”

“If the company is doing incident management correctly, they should have a playbook for this. Most companies of their size seem to, and there doesn’t seem to be a repository of information [from Optionis] for individuals to help them understand what they need to do to protect themselves.”

“The reality of how this data has been put out there so far is that it is available to copy, and the problem that Parasol has, and the individuals affected by this have, is that nobody knows who may or may not be copying the data and whether those that have will try to sell it on.”

“If you have been part of the process with the organisation where you’ve handed over your KYC documents, and your payroll has been managed for some considerable time [by Parasol], anything from your tax returns through to your passports, driving licences and all of that type of information is likely to be compromised.”

Kingsley’s comments were published in Computer Weekly, 15 February 2022, and can be found here. This article was also republished in Techonnews, Knowledia, Global Business LineWorlds News NetworkNational Cyber Security News and True Median, 16 February 2022.

In February 2024, our firm changed its name from Keller Postman UK to KP Law.

Share this article: