What to do when your data has been breached
Discovering that your personal data has been breached can be an incredibly stressful and traumatic experience, especially if you are unsure over what steps you need to take next.
If your data has been breached, there are a number of actions you can take which can help to mitigate the potential damage, and ensure that you are properly compensated for an organisation’s shortcomings.
In this article, we will discuss:
- How do you know if your data has been breached?
- What are your rights if your data has been breached?
- What to do after a data breach?
- How long do you have to report a data breach?
- How do I start a data breach claim?
- How Hayes Connor can support you if your data has been breached
How do you know if your data has been breached?
If you suspect that an organisations’ actions have caused your data to be breached, there are a number of ways in which you can find out for certain.
Under the terms of the Data Protection Act 2018, any organisation that holds your personal data, and is responsible for a breach, is required to inform you if your data has been exposed. This will usually be in the form of a letter or email.
Unfortunately, it is often the case that the organisation responsible for your data being breached fails to meet this obligation. Or, even where they do send out an email or letter, this can be easily missed.
It is sometimes the case that the first time someone learns their data has been breached is after the Information Commissioner’s Office publishes a report.
If you suspect your data has been breached, but you have not been informed by the organisation, you can check to see if any email addresses you have used have been compromised with haveibeenpwned.com.
If you are still unsure if your data has been breached, this is something our data breach solicitors can support you with.
What are your rights if your data has been breached?
If your data has been breached due to an organisation’s shortcomings (such as human error or insufficient security measures), you may have the right to make a claim for compensation.
Compensation can be claimed to help cover any direct financial losses you have suffered as a result of the data breach, as well as the general distress that has been caused.
With enough information, third parties who have been able to access your data following a breach may be able to apply for credit in your name, set up fraudulent bank accounts and access any existing accounts you have.
Even if you have not necessarily suffered any direct financial losses as a result of your data being breached, this does not mean that the situation will not be incredibly stressful and have a substantial impact on your mental and physical health.
Being unable to sleep, feeling ill, being stressed and unsettled are all common side effects of having your data breached. This can, in turn, have an impact on your friends and your job.
What to do after a data breach?
There are a number of important steps you should take once you become aware that your personal data has been breached.
Contact your bank and/or credit card provider
If you are concerned that your financial details have been exposed after your personal data has been breached, it is essential that you speak to your bank as soon as possible. They should be able to cancel any of your cards that have been affected and, depending on the circumstances, they may be able to reverse any fraudulent transactions.
You can also discuss putting a credit freeze in place until you are certain your details have been changed and you are safe from any further disruption.
Change your passwords
A simple step to take following a data breach would be to change your login details, not only for the account that has been affected, but anywhere else where you have used the same password.
If you are worried about remembering your new passwords, you can always use a secure password manager to store them safely.
Take note of phishing attacks
If an unauthorised third party has obtained your personal data following a breach, you may be subject to ‘phishing attacks’. This is where a fraudster gets in touch with you using your details and poses as a trusted organisation in an attempt to extract further data (usually more sensitive data such as passwords and financial information).
You should be extremely wary of phishing attacks following a data breach, especially communications that appear to be from the organisation responsible for losing your data.
Report a breach to Action Fraud and the ICO
If you have been notified that your data has been breached, you should consider filing a report with Action Fraud and the ICO.
Action Fraud is the UK’s national reporting centre for fraud and cyber crime, and is run by the City of London Police in partnership with the National Fraud Intelligence Bureau. Making a report to Action Fraud can ensure a breach is fully investigated and criminal proceedings can be initiated where required.
If an organisation suffers a breach, they should have already informed the ICO. However, it is still a good idea to check if this is the case as the findings from an ICO investigation can often prove useful during the compensation claims process.
Register with the Cifas Protective Registration service
It is often a sensible idea to register with the Cifas fraud prevention service. By doing so, your name and personal details will be flagged in their National Fraud Database, which is used by a wide range of companies to check for people at risk of fraud.
Companies using Cifas will then perform additional checks when your details are used to apply for products and services, reducing your risk of experiencing fraud.
Speak to a data breach claims solicitor
If your data has been breached, it is highly advised that you speak to a specialist in data breach claims to discuss your situation. A data breach claims expert can advise you if you are owed compensation and, of so, guide you through the process of making a claim from start to finish.
The claims process can be complicated, which is why the advice of an expert in the field of data breaches will be crucial if you wish to successfully recover compensation.
How long do you have to make a data breach claim?
Generally, a data breach claim needs to be made within six years of the breach taking place. If your claim includes a breach of your human rights then action for this element of your claim must be done within 1 year.
How do I start a data breach claim?
The first step in making a data breach claim would be to get in touch with our data breach experts at Hayes Connor for an initial discussion about your situation. We can talk at length about your circumstances, how your data was breached, whether you are in a position to claim compensation, how much you could be entitled to and how the process works.
If we believe that you are entitled to make a claim, and you are willing to take the case forward, we can then proceed to begin the claims process. Many of the claims we help to pursue are settled out of court via a negotiated settlement.
How Hayes Connor can support you if your data has been breached
If your personal data has been breached, our data breach solicitors may be able to support you to make a compensation claim. Our team can act for clients on a no win, no fee basis, removing the financial risk of pursuing a data breach claim if it is unsuccessful for any reason.
At Hayes Connor, we have one of the largest teams of dedicated data breach claims specialists in the country, with a wealth of combined experience and expertise. Our team can advise you on whether you are likely to have grounds for a claim, the level of compensation you may be entitled to and what you need to do to start a claim.
Our goal is to ensure that anyone who is affected by a data breach is able to get the compensation they deserve, while making the claims process as simple and stress-free as possible.
To start a claim, you can use our online claim form and we will get back to you shortly to let you know if we believe you have grounds for compensation.
If you would like to speak to a member of our team, please do not hesitate to give us a call on 0330 041 5135