Helping victims claim Group Actions worldwide

Arup data breach exposes private employee data

Need HELP! Let Us Call You Back...

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.

A cybersecurity incident at a third-party payroll provider has provoked a data breach at Arup, a professional services company. Affecting many former and current employees, the Arup data breach has reportedly exposed details disclosed for the purposes of paying employees’ wages.

Arup has yet to publish information on the number of people affected, but they have sent a data breach notification to let victims know which details may have been compromised. We have already accepted compensation cases for victims of the Arup data breach on a No Win, No Fee basis. Anyone affected by an incident like this may be entitled to recover compensation under the law, as data controllers have a legal obligation to protect the information that they hold and process.

If Arup has informed you of your involvement in the data breach, we can offer free, no-obligation advice to you regarding your potential compensation claim.

Extensive personal data exposed

In a letter notifying current and former employees of the exposure of their information, the Arup data breach is said to have resulted from a cybersecurity incident involving Arup’s third-party payroll provider. The information exposed by the breach looks to vary according to when employees were registered on the payroll, it is understood.

Those who recently joined the company and were paid via payroll between 1st February 2020 and 31st January 2021 could have had their surnames, bank account numbers and sort codes exposed. However, employees paid between 1st November 2018 and 31st January 2020 learned that the following information may have been compromised:

  • first names and surnames;
  • bank account numbers;
  • sort codes;
  • gender;
  • addresses;
  • National Insurance numbers;
  • dates of birth.

What can the affected employees do?

Those involved in the Arup data breach are now faced with the possibility that their private information may have fallen into the hands of cybercriminals. Arup has yet to clarify the exact nature of the cybersecurity incident, explaining that it is still investigating the breach with its payroll provider. As such, it is unclear how many people may have been able to access the private information.

Arup has advised that employees should contact their banks to explain the nature of the risk to their accounts, which could allow them to pre-empt any fraudulent transactions. That being said, this may not fully eradicate the risk.

Apart from closely monitoring their accounts, those affected by the Arup data breach could take action by making a compensation claim. In a claim,  we can investigate the breach itself to discover if there is any wrongdoing on the part of Arup or the payroll provider. The aim here is to achieve justice for victims where there has been any potential negligence involving data protection law.

Make your claim today

If you have been affected by the Arup data breach, or any similar breach, you may be entitled to claim thousands of pounds in compensation. We are experienced in holding organisations to account on behalf of data breach victims, so you can trust that we have the expertise to root out any negligence.

If you wish to receive free, no-obligation advice on your potential compensation claim, simply contact us today or register your details for a call-back.

IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.

Request a call back from our team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.

First published by Matt on April 27, 2021
Posted in the following categories: Data Breach Claims Data Breach Compensation Data Group Actions Group Actions and tagged with | | |


Midlands News Association data breach causes exposure of journalists’ personal information
Watford Community Housing data breach- one year on