Arup Data Breach Claims


Employees and former employees at Arup have had their personal details breached in a major “cyber security incident”.

The professional services firm told staff that their third party payroll provider was targeted in a ransomware attack.

Over 15,000 people are employed by Arup, but we don’t yet know exactly how many have been affected by the data breach. But it’s thought that anyone who’s been employed by them since November 2018 could be at risk.

If you’re an Arup employee and you’re worried about your personal data, get in touch with our Data Breach Solicitors for expert legal advice.

If you're concerned about making a GDPR Data Breach Claim against Arup and you're still working for them, don't worry - this won’t affect your job.

Call us on 08002605010 or request a callback

How Were Employees Affected?

Data accessed in the ransomware attack included:

  • First names and surnames
  • Dates of birth
  • Gender
  • National Insurance Numbers
  • Addresses
  • Bank account details including the account number and sort code

Arup are reportedly working closely with their payroll provider to understand the nature of the breach and what led to it.

They’ve also told staff to look out for unusual activity on their bank accounts and contact their bank straight away if they notice anything. Employees have also been offered a free subscription to an identity protection provider.

What is a Ransomware Attack?

In a ransomware attack, hackers gain access to victim’s personal files and encrypt it so it can no longer be accessed. They then hold companies to ransom in exchange for returning access to the data.

Sometimes they’ll threaten to release the data unless they get some form of payment. Hackers will often target large organisations as they know they hold a large amount of sensitive data and may be more willing to pay the ransom.

What Should I do if my Data has been Breached?

      1. If you’ve been affected, you should have been contacted by Arup directly to advise you on your next steps. If you’ve not been contacted and you’re still worried about your data, you should still get in touch with Arup.
      2. Be wary of any phishing emails or phone calls – hackers can be very convincing and it can be easy to get caught out by an email that looks legitimate. Think twice before clicking on any links and never give any personal details over the phone if you’re unsure.
      3. Contact your bank about anything suspicious and update your password.
      4. Get in touch with our Data Breach Experts to see if you can make a claim for compensation.

How Simpson Millar Can Help You With Your Data Breach

Organisations like Arup have a responsibility to keep your personal data safe under GDPR. If a data breach compromises your personal information it can put you at serious risk of identity theft and fraud, especially if your bank details are exposed.

Our Data Breach Solicitors have helped many victims of data breaches to claim compensation after their data was breached.

If you’re a current or recent Arup employee, and you’ve been told you’ve been affected or strongly suspect you have been, we can help you. Get in touch with our Data Breach Solicitors today to see if you’ve got grounds for a claim.

We can often handle data breach claims on a No Win, No Fee basis – ask us for more details. 

Contact our Cyber Security Solicitors For a Free Case Assessment

We're happy to help

Monday to Friday 8:30am-7:00pm

0808 239 9426

0808 239 9426

We're happy to call you

Simply click below to arrange the assessment

Request a Free Case Assessment

Contact Us Free to discuss your Data Breach Claim

This data will only be used by Simpson Millar in accordance with our Privacy Policy for processing your query and for no other purpose

Simpson Millar Solicitors are a national law firm with over 500 staff and offices in Billingham, Bristol, Cardiff, Catterick, Lancaster, Leeds, Liverpool, London and Manchester.