Major cyber attack made on Derbyshire manufacturer

Derbyshire based PVC-U manufacturer and distributor Eurocell has been the victim of a major cyber attack, it has been revealed.

The firm has been forced to contact current and former employees to inform them that it has been the subejct of a “substantial” data breach that has seen a whole range of personal information exposed.

Eurocell explained that an unauthorised third party gained access to its systems following an IT security incident.

Eurocell, which has showrooms throughout the UK, has confirmed that, during the cyberattack, data belonging to employees was copied from its IT systems. The full extent of the data breach is yet to be learned.

However, the company has confirmed that the exposed data included:
• Employment terms and conditions
• Personal information (date of birth, next of kin, bank account and national
insurance, tax-reference numbers)
• Right to work documentation
• Health and wellbeing related documents
• Learning and development records
• Disciplinary and grievance related documents

There are concerns that this wealth of data will now be made available on the dark web, as frequently happens following these attacks. This poses a significant threat to any individuals who have been affected.

Eurocell currently employs over 2,000 people across its nationwide network of more than 210 branches.

Specialist data breach law firm, Hayes Connor, is currently working with individuals who have been affected by this data breach. It is now calling on Eurocell to provide further information about exactly what happened and how employee data was compromised.

Christine Sabino, the legal representative who is helping those affected by the Eurocell data breach, said: “The information we have received regarding the Eurocell data breach is extremely concerning and it is clear that further answers are needed. Not only are employees facing a threat of identity theft and fraud, adding to their distress is a real concern regarding the release of such highly sensitive personal data also.

“Eurocell has claimed that there is currently no evidence of the data being misused, but there is no way to tell if that is actually the case. It’s also not possible to say whether there will be any further issues in the future.

“As of yet, there’s been no indication as to how many individuals have been affected. The company has over 2,000 current employees, but it is possible that many more former employees could also be at risk given the type of information that has been exposed.

“Every employer has various obligations when it comes to data security, which means they have a duty to keep sensitive information secure. This type of incident warrants a significant investigation. Our team has started to make our own enquiries into the case and are determined to ensure our clients get the justice they deserve.”

Eurocell has been contacted for comment but hadn’t replied by the time of publishing.