Qdos, a business insurance and employment status specialist, has confirmed a data security incident where an intruder accessed and downloaded personal customer information and documents related to insurance policies and IR35 services. The breach was discovered on June 19, and an investigation was launched with third-party cybersecurity experts. While credit card information and identification documents were not compromised, personal data including names, addresses, email addresses, and documents related to insurance policies and IR35 services may have been accessed. The Information Commissioner's Office, the Financial Conduct Authority, Action Fraud, and the National Cyber Security Centre were notified. Qdos took immediate action, including offering 12 months of free identity monitoring services to affected customers.
Source: https://www.theregister.com/2025/07/25/ir35_advisor_qdos_confirms_data_breach/
TPRM report: https://www.rankiteo.com/company/qdos-technology
"id": "qdo604072725",
"linkid": "qdos-technology",
"type": "Breach",
"date": "5/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Insurance',
'name': 'Qdos',
'type': 'Business insurance and employment status '
'specialist'}],
'attack_vector': 'Web Application Vulnerability',
'customer_advisories': 'Email to clients',
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': True,
'type_of_data_compromised': ['Personal customer information',
'Documents relating to customer '
'insurance policies',
'IR35 services',
'Documents pertaining to '
'purchases such as invoices and '
'credit notes',
'Name',
'Correspondence address',
'Registered business address',
'Email address',
'Contact information']},
'date_detected': '2025-06-19',
'date_publicly_disclosed': '2025-07-25',
'description': 'Qdos, a specialist in business insurance and employment '
'status, confirmed that an unauthorized third party accessed '
'and downloaded personal data from its web application '
'mygoqdos.com.',
'impact': {'data_compromised': ['Personal customer information',
'Documents relating to customer insurance '
'policies',
'IR35 services',
'Documents pertaining to purchases such as '
'invoices and credit notes',
'Name',
'Correspondence address',
'Registered business address',
'Email address',
'Contact information'],
'systems_affected': ['mygoqdos.com']},
'initial_access_broker': {'entry_point': 'Web application'},
'investigation_status': 'Ongoing',
'recommendations': ['Be especially vigilant against suspicious activity, '
'including suspicious emails, phone calls or text '
'messages.'],
'references': [{'date_accessed': '2025-07-25', 'source': 'The Register'}],
'regulatory_compliance': {'regulatory_notifications': ['Information '
"Commissioner's Office",
'Financial Conduct '
'Authority',
'Action Fraud',
'National Cyber '
'Security Centre']},
'response': {'communication_strategy': ['Email to clients',
'Offering 12 months of free identity '
'monitoring services'],
'containment_measures': ['Disabled customer access to the Qdos '
'website',
'Remediated the issue with the web '
'application'],
'incident_response_plan_activated': True,
'law_enforcement_notified': ["Information Commissioner's Office",
'Financial Conduct Authority',
'Action Fraud',
'National Cyber Security Centre'],
'third_party_assistance': 'Third party cyber security expert'},
'threat_actor': 'Unauthorized third party',
'title': 'Data Breach at Qdos',
'type': 'Data Breach'}