Shropshire Star

Eurocell employee details exposed in major cyber attack

A leading PVC-U roofing products manufacturer and distributor has contacted current and former employees, including some in the West Midlands, to inform them that a cyber attack on the company has led to a substantial data breach.

Published

In a letter issued to employees of the company, Derbyshire-based Eurocell explained that an unauthorised third party gained access to its systems following an IT security incident.

Eurocell, who have showrooms throughout the UK including Brierley Hill, Cannock, Kidderminster, Shrewsbury, Stafford, Walsall and Wolverhampton, has confirmed that, during the attack, data belonging to employees was copied from its IT systems. The full extent of the data breach is yet to be learned.

However, the company has confirmed that the exposed data included: employment terms and conditions, personal information (date of birth, next of kin, bank account and national insurance, tax-reference numbers), right to work documentation, health and wellbeing related documents, learning and development records and disciplinary and grievance-related documents.

There are concerns that this wealth of data will now be made available on the dark web, as frequently happens following these attacks. This poses a significant threat to any individuals who have been affected.

Eurocell currently employ over 2,000 people across its nationwide network of more than 210 branches.

Specialist data breach law firm, Hayes Connor, is currently working with individuals who have been affected by this data breach. They are now calling on Eurocell to provide further information about exactly what happened and how employee data was compromised.

Christine Sabino, the legal representative who is helping those affected by the Eurocell data breach, said: “The information we have received regarding the Eurocell data breach is extremely concerning and it is clear that further answers are needed. Not only are employees facing a threat of identity theft and fraud, adding to their distress is a real concern regarding the release of such highly sensitive personal data also.

“Eurocell has claimed that there is currently no evidence of the data being misused, but there is no way to tell if that is actually the case. It’s also not possible to say whether there will be any further issues in the future.

“As of yet, there’s been no indication as to how many individuals have been affected. The company has over 2,000 current employees, but it is possible that many more former employees could also be at risk given the type of information that has been exposed.

“Every employer has various obligations when it comes to data security, which means they have a duty to keep sensitive information secure. This type of incident warrants a significant investigation. Our team has started to make our own enquiries into the case and are determined to ensure our clients get the justice they deserve.”