Home / Data Breach Claims / Banking & Financial Data Breaches

Banking & Financial Data Breaches

UK financial services firms reported a whopping 480% more data breaches in 2018 than in 2017, and, in the sector, retail banking saw the number of data breach reports jump by a staggering 2400%.

Of course, bank fraud is a very serious crime, and victims can suffer both financial loss and distress. But, while we often worry about hackers and cybercriminals getting hold of our banking and credit card details, in many cases, simple human error can also have devastating consequences.

So, to protect us from financial data breaches and cybercrime, it is vital that there are adequate and robust protections in place to secure the data and information held within it and that staff working in financial organisations have the knowledge and ability to handle such data securely.

But all too often, this isn’t happening.

If you have suffered financial damage, emotional distress, or a loss of privacy caused by a bank, building society, credit card company or any other financial organisation breaching any part of the Data Protection Act (the UK’s interpretation of the GDPR), you have a right to claim compensation.

At Hayes Connor Solicitors, we have decades of combined experience helping people to claim compensation where a financial organisation has failed to protect their data. We can help you claim for your financial losses, emotional distress and loss of privacy.

We understand that making a compensation claim can be stressful, especially while you are dealing with the emotional impact of having your data exposed due to poor financial data security. That’s why we make sure you always know what’s happening with your case and remove the jargon from the process to keep things as simple and stress-free as possible.

See what our clients say about working with us

Where we believe you have a case for claiming compensation, we may be able to act for you on a no win, no fee basis, removing any financial risk from the process of making a claim.

Think you are entitled to compensation for a financial data breach? Use our simple and secure online claim form to share the details of your situation, and we will get back to you shortly to let you know whether we can help.

To speak to a member of our team now about what to do if your financial data has been exposed, please call us on 0151 363 5895.

Types of financial data breaches we can assist with

At Hayes Connor, our expert solicitors deal with a significant number of financial data breach cases. During our work, we see many different types of claims and understand how bank and credit card data breaches can affect people in different ways.

For example, we saw what happened when our client’s ex-partner was sent a copy of his bank statement by mistake. As a direct result of this bank data breach, our client suffered severe psychological effects, including stress and anxiety.

We can make financial data breach claims against:

  • Banks
  • Building Societies
  • Credit card companies
  • Insurance companies
  • Credit reference agencies
  • Loan companies
  • Pension companies and advisors
  • Accountants and financial advisors
  • Tax specialists
  • HMRC
  • And more!

We can also help you to recover from financial data hacksfinancial phishing attacksbank and credit card takeover fraud and push payment scams.

Take a look at our case studies to see examples of some of the types of data breaches we can assist with.

The financial sector handles some of our most sensitive data. And, as customers, we have the right to expect this will be looked after. However, all too often, this isn’t the case.

Where a bank data breach occurs, the ICO can respond with actions such as financial penalties and prosecutions.

Some examples of cases investigated by the ICO include where:

  • Tesco Bank was fined £16.4m after a cyber-attack that saw £2.26m taken from personal current accounts
  • GoSkippy was fined £60,000 after supplying customer data to campaign group Leave.EU. This data was then used to sway voters in the Brexit referendum.

Cryptocurrency fraud is on the rise

Like traditional money, cryptocurrencies (also known as crypto assets) let you buy goods and services or trade them for profit. And, like hard cash, the cryptocurrency market is being targeted by criminals. In fact, each year, the equivalent of millions of pounds is being stolen from cryptocurrency holdings. As such, cryptocurrency fraud is a very serious crime.

If you have been a victim of this form of cybercrime, Hayes Connor Solicitors can help you to claim compensation. We will claim for the loss of privacy as well as any emotional distress and financial damages.

Push Payment fraud is on the rise

Push payment fraud (also called APP fraud) happens when cyber criminals deceive individuals into sending them money. Because the victim believes the fraudster to be genuine, they authorise the handover of cash. The money is then quickly transferred to different accounts, often abroad, which makes getting it back almost impossible.

Push payment fraud is a serious crime, and victims can suffer financial loss and distress as well as loss of privacy. But, in many push payment scams, banks are reluctant to compensate. So, people can be left not knowing where to turn.

If you have been a victim of this form of cybercrime, Hayes Connor Solicitors can help you to claim compensation. We will claim for the loss of privacy as well as any emotional distress and financial damages.

Click here to read on.

Making a financial data breach compensation claim

Are you owed compensation for a financial data breach?

Cybercriminals are becoming more and more sophisticated, which means data breaches in the banking sector are becoming increasingly common. For example, AI-assisted imposters are set to become an increased threat. With machine-learning helping to make existing cyber-attack efforts like identity theft, denial-of-service attacks and password cracking faster, more formidable, and more effective.

The financial sector has always been a lucrative target for hackers. And, as we move deeper and deeper into the Internet of Things (IoT), more and more devices and data are going to be connected to the internet. So, keeping these safe from hackers is going to be an ongoing challenge.

But this doesn’t let financial organisations off the hook.

If they have done everything in their power to protect your data and have robust security processes and procedures in place, it is unlikely that a claim would be successful.

This is why we usually wait for the results of an investigation by the ICO before starting a claim.

But in most cases, financial services data breaches happen because of human error and/or a failure to implement reasonable and robust processes, and these errors are just as likely to happen offline.

Crucially, if an organisation has failed to protect your personal data, you have a right to claim compensation. Even if you haven’t suffered as a result.

How to start a financial data breach claim

Our professional, friendly team will advise you on whether you have a valid claim against a financial organisation. If you are not sure whether your sensitive financial information has been misused or mishandled, we can find this out for you.

Once we establish that you have grounds for financial data breach compensation, we will take care of the whole claims process for you.

Our team will contact the financial organisation you hold responsible for failing to protect your financial data. Where we believe you were let down by their security processes, we will work tirelessly to get you the compensation you deserve.

To get the claims process started, you can use our simple and secure online claim form to share the details of your situation, and we will get back to you shortly to let you know whether we can help.

To speak to a member of our team now about what to do if you have been a victim of a financial data breach, please call us on 0151 363 5895.

What compensation can you get for a financial data breach?

You can make a financial data breach claim if an organisation has failed to protect your personal data – regardless of whether or not criminals have stolen financial data or you have suffered as a result of the breach. However, where you have experienced financial harm, anguish or anxiety, we can make a more significant case.

Financial losses

A banking data breach can lead to both financial and/or identity theft, and the result of either of these can be devastating. With enough information, cybercriminals can apply for credit in your name, set up fraudulent bank accounts and access your existing accounts.


Even if you haven’t lost out financially after a banking data breach, this doesn’t mean that there is “no harm done.” A personal data breach is a 21st-century version of being burgled. If a criminal came into your home and stole your private information, you would be distressed. So why should you feel any less upset at having your financial data taken?

Being the victim of a crime can have a significant impact on you mentally and physically. Of course, everyone reacts differently, but for some people, the effects can include a lack of sleep, feeling ill, unsettled or confused. Stress can also affect your friends, your family and your job.

The full impact of a financial data breach is not always immediate

Dealing with many different types of financial, banking and credit card data breach cases, one thing that has become apparent to our solicitors is that the full impact is often not felt until months after the initial violation.

We’ve seen cases where experiencing a financial data breach has resulted in adverse life events such as having to move to a new house or area, losing a job, relationship stress and separation, and dislocation from friends and family. All of which can lead to a diagnosable psychological injury, and this often happens months after the initial breach was revealed.

We are also seeing cases where the financial losses only start to occur three to six months later. This is often because the stolen data is used in batches over time.

In most cases, these data breaches in banks aren’t caused by scammers trying to hack our banks but by simple human errors.

Financial data breach compensation after ICO investigation

At Hayes Connor, we can help you make claims against a wide range of financial organisations already fined by the ICO.

Under the GDPR, organisations MUST tell you if they have breached your personal data. But despite this, too often, people still don’t know that their data has been breached until they hear that a company has been fined by the ICO. In such cases, it’s worth finding out whether your data was put at risk because, if so, you may have a claim for bank data breach compensation.

We can also keep you updated on upcoming and current financial and banking data breach claim investigations.

What were the biggest data breaches in financial services?

118 Money

118 188 discovered that they had experienced a data breach in March 2020 that was described as an ‘illegal unauthorised access’ event of their network.

Customer service call records were exposed, leading to names, addresses, dates of birth and matters discussed in these calls all falling into the hands of the criminals responsible for the breach.


British financial services business Deloitte was hit by a cyber-attack in 2017 that exposed the confidential plans of many of its clients in all of the main sectors in which it operates.

Usernames and passwords were exposed, in addition to highly sensitive business information.


Payday loans company Wonga suffered a major data breach that was estimated to have affected as many as 250,000 customers.

Information including names, email addresses, phone numbers, and bank account details were all exposed.

What happens when a bank breaches data protection?

GDPR is breached when a bank’s security systems allow the unauthorised access of customer data by a third party. Bank data breaches are particularly serious because criminals could potentially gain access to customers’ banking details.

Depending on the severity of the breach, the bank could pay fines of up to £17.5 million, or 4% of their annual global turnover, for breaching the General Data Protection Regulation (GDPR) guidelines.

However, the UK’s Information Commissioners Office (ICO) can issue a number of other penalties, including:

  • Warnings and reprimands;
  • Ordering the rectification, restriction or erasure of data;
  • Imposing a temporary or permanent ban on data processing; and
  • Suspending data transfers to third party countries.

Do banks have to report data breaches?

Yes, once the bank is aware of the breach, they have to report it to the Information Commissioner’s Office (ICO) within 72 hours. If the data leaked could lead to one of the following issues, the bank also has to inform the individuals affected:

  • financial loss
  • identity theft or fraud
  • damage to reputation
  • discrimination

You can also self-report an incident to the ICO, as someone affected by a data breach, if the the bank refuses to do so and they will investigate your claim. Failing that, you can contact a data breach solicitor to make a claim for compensation.

What to do if your financial data has been exposed

Reporting a financial crime

If you want to report that you have been the victim of a financial crime, contact Action Fraud. You can do this online or via telephone. Action Fraud is the national fraud reporting service and is the starting point for any police investigation into your loss.

How to stay safe following a financial data breach

Here are a few steps to help protect you following a financial data breach:

  • Contact your bank/credit card provider immediately
  • Consider a credit freeze until the matter is resolved
  • If you have been the victim of a scam, report this to the police and contact Action Fraud for advice on what to do next
  • Let the credit reference agencies know of any activity that was not down to you
  • Register with the Cifas protective registration service. This will slow down credit applications made in your name with additional verification checks made to ascertain that the applicant is actually you
  • Change your passwords on all your accounts
  • Keep an eye on your bank and credit card statements to see if there is anything you don’t recognise.

Start your financial data breach claim today

At Hayes Connor Solicitors, we help you to claim compensation and steer you through the aftermath of a financial data breach – minimising the impact on you as much as possible.

With strict time limits in place for making financial data breach claims, it’s important to act now to make sure you don’t miss out on your right to claim.

You can find out more about our expertise and how we handle claims here. To have your claim assessed for free, you can use our secure online claim form. Or to speak to a member of our team, please do not hesitate to give us a call on 0330 041 5137.