Since the incident, our team of specialists has been actively monitoring online sources for mentions of Lows or our data. Regrettably, we have identified that some data, which was copied from our systems, was published on the dark web. This data could contain information that our clients and other third parties have provided to us in the course of working with us, including basic personal identifiers (e.g. name, date of birth), copies of identity documents and financial information.
Whilst we have no reason to believe that information relating to any specific individuals was targeted, we wanted to bring the matter to your attention.
We have already taken several steps in response to the incident, including:
- Securing our network quickly after the incident and maintaining our IT security posture.
- Appointing an external technical specialist to assist in our investigation.
- Notifying the Information Commissioner’s Office (ICO), Police Scotland and the Law Society of Scotland.
Data posted on the dark web is not indexed on Google or other search engines and is only accessible with specialist software. However, in light of what has happened, we want to let potentially affected individuals know so that increased vigilance can be exercised. We also recommend exercising caution in relation to potential email phishing (i.e. emails which contain potentially harmful links or requests for personal details, but which are made to appear innocuous).
We are sorry for any worry and inconvenience this incident may have caused. Our relationship with our clients and the wider community in Orkney is very important to us, so we wanted to communicate what has happened proactively out of an abundance of caution.
Please do not hesitate to contact us on [email protected] if you have any questions.



