Making a debit or credit card data breach compensation claim
Are you owed compensation for a credit or debit card data breach?
To be owed compensation, it must be shown that the organisation that held your payment information failed in their duty to adequately protect your data. This will typically be because they did not have sufficient security in place (e.g. using outdated security software) or because people within the organisation did not properly follow security procedures.
Whatever the situation, if the organisation failed to meet its obligations under the Data Protection Act 2018, you will have a claim – even if you haven’t suffered as a result.
So, whether your data was exposed due to hackers or other types of cybercriminal activity or by an error, such as an email being sent to the wrong person, you are still entitled to compensation for a credit card data leak.
Where a data protection breach has occurred, the Information Commissioner’s Office (ICO) will carry out an investigation. The ICO will determine whether a breach has occurred, and, in some circumstances, we will wait for the result of their investigation to advance a claim. However, if you believe you have been affected by a breach, please contact us to discuss.
To speak to a member of our team now about what to do if you have been a victim of a credit or debit card data breach, please call us on 0151 363 5895.
What compensation can you get for a credit or debit card security breach?
Where your credit or debit card details have been exposed due to an organisation breaching the Data Protection Act 2018, you can claim compensation regardless of whether or not you have suffered as a result of the breach.
However, where you have experienced financial harm, anguish or anxiety, you are likely to be able to claim more substantial compensation, including for example:
Any payments or transfers of funds that you were unable to have refunded, as well as other issues, such as any negative effect on your credit rating.
It is common for victims of cybercrime to experience a significant impact on their mental and emotional wellbeing. People often report difficulty sleeping, as well as feeling ill, unsettled or confused. This can affect every aspect of your life, including your job, family and friends, and this is something you are entitled to claim for.
How long do you have to claim compensation for a debit or credit card data breach?
As a general rule, you will typically have six years from the date a breach occurred to bring a claim. However, the exact time limit will depend on the circumstances.
Often a data breach will only be exposed sometime after it has happened. The impact on the victims is also often not immediately apparent. In many cases, it can be months or even years before the full extent of the consequences of a credit or debit card breach is clear.
Therefore, while it is important to speak to our team as soon as possible about pursuing a claim, it is also worth speaking to us even if the breach happened several years ago.
How to start a debit or credit card data breach claim
The first step is to find out whether you have grounds for a claim. Our professional, friendly team will be happy to review your circumstances and advise you on whether we believe you are likely to be entitled to compensation.
If you are not sure whether your credit or debit card details have been misused or mishandled, we can find this out for you.
Once we establish that you have grounds for compensation, we will take care of the whole claims process for you. We will contact the organisation responsible for the breach and work tirelessly to get you the compensation you deserve.
To get the claims process started, you can use our simple and secure online claim form to share the details of your situation, and we will get back to you shortly to let you know whether we can help.
Or, if you want to speak to a member of our team, please get in touch.
Credit and debit card data breach FAQs
How do I know if my credit card details were part of a data breach?
Under the terms of the Data Protection Act 2018, organisations have a legal duty to inform you if personal details they hold about you have been compromised.
In spite of this, it is common for people not to find out about a data breach until an organisation is fined by the Information Commissioner’s Office (ICO). With credit and debit card data breaches, it is also common for people to discover the problem when they see a transaction they do not recognise on their account, which often happens before the card issuer realises there is a problem or chooses to go public about it.
If you believe your credit or debit card details were compromised, it is a good idea to review all of the businesses and other organisations that you shared this data with to see whether they have suffered a data breach.
How do I cancel my credit card after a data breach?
Following a credit card data breach, you will need to call your card issuer and request that it be cancelled and that you be issued with a new card. If the card issuer is aware of the data breach, they will normally pre-emptively cancel your card and issue a replacement, but you should always check that this has been done rather than assuming it will be taken care of for you.
Will I be refunded for any charges from a credit or debit card data breach?
You have the right to be refunded for any unauthorised charges made using your debit or payment card under the Payment Services Regulations. Unauthorised credit card payments are covered in the same way under the Consumer Credit Act.
However, it is important to note that you may be held liable for any unauthorised charges made before you reported the loss of your credit or debit card details (up to a limit of £50). It is therefore essential to report the issue to your bank building society or credit card company as soon as possible.
What should I do if my card data was breached after finding my lost card?
If you discover that your data was breached after you found a previously lost credit or debit card, this does not necessarily mean you will be held liable for any unauthorised charges.
So long as you have declared that you have lost your card to your provider, you should not be liable for any charges.
If you did not declare that your card had been lost, then it may be difficult to refund any charges that were made as a result of a data breach.
Examples of debit and credit card data breaches
Abode Inc hack – 38 million customers affected
Software giant Adobe was the target of a cyberattack in 2013 that saw 38 million of their customers’ personal data compromised, including payment details of 2.9 million users. The hack was uncovered after a file was uploaded to a hacking forum that appeared to contain the usernames and hashed passwords of millions of Adobe customers.
Capital One data breach – 106 million people’s details stolen in hack
In July 2019, it was discovered that the personal details of around 106 million people were stolen by a hacker who targeted financial services company Capital One. The company is one of the world’s largest credit card issuers, and the hack involves names, addresses and phone numbers of people who had applied for the company’s products, but not their credit card account numbers.
Foreign exchange company Travelex suffers data breach
In 2019, Travelex was the victim of a cyberattack by the Sodinokibi ransomware group. The hackers were believed to have stolen payment card information about Travelex customers, as well as their social security numbers and dates of birth.
Read more about the Travelex data hack.
What to do if your debit or credit card information has been stolen
Reporting a financial crime
If you have been the victim of a financial crime, you can report this to the national fraud reporting service Action Fraud online or via telephone. This will then be the starting point for any police investigation.
How to stay safe following a debit or credit card data breach
If you are concerned that your credit or debit card details have been stolen or otherwise exposed in a credit card data breach, the following steps can help to minimise the risk of further harm:
- Contact your bank/credit card provider immediately.
- Change your passwords on all your accounts.
- Consider a credit freeze until the matter is resolved.
- If you have been the victim of a scam, report this to the police and contact Action Fraud for advice on what to do next.
- Inform credit reference agencies of any unauthorised activity, so they can take this into account when calculating your credit score in future.
- Register with the Cifas protective registration service – this will prevent any credit from being taken out in your name without additional security checks.
- Carefully monitor your bank and credit card statements for any payments or transfers you don’t recognise.
Find out more about what to do if your data has been stolen in a data breach.
Start your debit or credit card data breach claim today
At Hayes Connor Solicitors, we help you to claim compensation and steer you through the aftermath of a credit or debit card data breach – minimising the impact on you as much as possible.
With strict time limits in place for making a credit or debit card data breach claim, it’s important to act now to make sure you don’t miss out on your right to compensation.