Sandicliffe

Sandicliffe operates as a car dealership in the United Kingdom, primarily offering the sale of new and used vehicles along with associated after‑sales services such as maintenance, financing arrangements and insurance facilitation. Its business serves customers in the Nottinghamshire region, where it maintains a physical presence through multiple showrooms. The dealership’s activities involve collecting and processing personal information from purchasers, including details required for credit checks and insurance policies. This function places it in a position where it handles both financial and health‑related data as part of its routine transactions.

The organisation’s scale is indicated by the five showrooms it operates across Nottinghamshire, a detail mentioned in the breach report. This localized footprint distinguishes it from national chains and highlights a regional focus on serving the local automotive market. On 7 November 2020, a phishing email led an employee to open a malicious link, triggering the data breach. The breach exposed bank account details and medical histories of individuals associated with the dealership’s five showrooms. The incident was reported by databreaches.net, which noted that the compromise highlighted risks linked to non‑medical entities holding sensitive health and financial information. No explicit information about its ownership structure, parent company or subsidiary relationships is provided in the available sources.