Posts

social housing data breach
,

Customer services officer guilty of unlawfully accessing private information in social housing data breach

Social housing providers deal with a lot of sensitive and personal information. So it is vital that there are robust protections in place to keep this data secure. However, in a recent social housing data breach case, a former customer services officer at Stockport Homes Limited (SHL) has been found guilty of unlawfully accessing personal data without a legitimate reason to do so.

What happened in this social housing data breach?

In this case, a customer services officer spent time looking at anti-social behaviour cases on her employer’s case management system. Despite the fact that she didn’t have the authorisation to do so. In total, she accessed the system almost 70 times.

When an audit revealed her offences (after concerns were raised regarding her performance), she was suspended from her role. She then subsequently resigned.

The former customer services officer pled guilty to unlawfully accessing personal data. She was ordered to pay a £300 fine, £364.08 costs and a victim surcharge of £30.

What has the ICO said about the data protection breach?

The Information Commissioner’s Office (ICO) is the UK’s data protection regulator. A spokesperson for the ICO said:

“People have the absolute right to expect that their personal information will be treated with the utmost privacy and in strict accordance with the UK’s data protection laws.

“Our prosecution of this individual should act as a clear warning that we will pursue and take action against those who choose to abuse their position of trust”.

Read all the details about this ICO case here.

Lessons learned

This social housing data breach case should remind people that they could face fines if they access or share personal data without a valid reason.

Also, all organisations need to do more to protect personal data. This includes ensuring comprehensive data protection training is in place. And making sure employees understand the consequences of breaking the law.

Organisations should have adequate and robust protections to ensure that such information is only available to people who need it. There should also be a record of such access.

Not Just Hackers

At Hayes Connor, our expert solicitors deal with a significant number of data breach cases each and every day. During our work, we see many different types of claims and understand how social housing data breaches can affect people in different ways.

Helping to reduce the number of data violations taking place across the UK, we are sharing such real-life examples of data protection breaches to raise awareness of this issue and educate people to prevent similar instances from happening.

You can find out more about our work here.

For more advice on how to keep your data safe, follow the Hayes Connor #NotJustHackers campaign on Twitter and Facebook.

Alternatively, if you have been the victim of a social housing data breach, find out how we can help you to recover any losses or contact us to discuss your case in more depth.

 

data breach compensation
,

What do you need to know about data protection claims?

Businesses and public sector organisations use a significant amount of sensitive information about their customers and the people they help. And, they need this personal data to carry out their duties. And to provide a quality service. But, while almost nobody objects to this information being used, they have a duty to use and store it responsibly. And, where this doesn’t happen, you could have a data breach compensation claim.

All kinds of organisations use personal information. For example:

  • Businesses
  • Charities
  • Banks and other financial bodies
  • Government departments
  • Local Authorities
  • The NHS
  • The Police
  • Schools
  • Her Majesty’s Courts & Tribunal Service (HMCTS).

What personal information do companies need?

This will depend entirely on why your data is being used. It could include your:

  • Name, address, telephone number and email address
  • Bank and credit card details
  • Ethnicity, religious beliefs, political opinions and gender identity
  • Medical history
  • Employment and education history
  • Criminal record.

Why is data breach compensation necessary?

A data breach can result in both financial and/or identity theft. But the impact of data breaches goes much further than financial losses. Many victims also go on to suffer from stress, anxiety and distress.

If an organisation does not meet its data protection responsibilities, and you suffer financially or emotionally because of this, you may be able to make a data protection compensation claim. This is an important right. Not least because serious damage can be caused if your personal information gets into the public domain.

Your information must be correct

Under the latest data protection legislation, organisations have to do more than just keep your data safe. They also have to ensure that it is up-to-date and correct. This is because there can be serious consequences if incorrect data is stored about you.

For example, a police “gangs” database was found to be in breach of data protection laws after it was revealed that many of the people on the list had never been in a gang. These people also had “zero” risk of causing harm. The data was also inappropriately shared with other public bodies. This included local councils, housing associations, and education authorities. And, as a result, many people faced sanctions relating to housing, jobs and other public services.

Likewise, if your medical records are wrong, this could prevent medical conditions being diagnosed correctly and essential treatment from taking place.

You can claim for damage and distress

Data breaches can and do cause serious and lasting damage. To claim compensation, you must be able to prove that you suffered as a result of the breach. This includes financial and medical harm as well as anguish and anxiety.

  • Financial losses. With enough information, cybercriminals can use your bank and credit cards, apply for credit in your name, set up fraudulent bank accounts and access your existing accounts.
  • Emotional distress. Even if you haven’t lost out financially after a data breach, this doesn’t mean that there is no harm done. A data breach can have a significant impact on you mentally and physically. For some people, the effects can include a lack of sleep, feeling ill, unsettled or confused. Stress can also affect your friends, your family and your job.

What are the main data protection rules?

The Data Protection Act (the UK’s interpretation of the GDPR) sets out rules to protect you and your personal data. Under these rules, organisations must not:

  • Store inaccurate or out-of-date information about you
  • Hold your data for longer than necessary
  • Make your confidential data public
  • Tell you why they need your data
  • Use your data outside its stated purpose.

If an organisation breaches any of these rules your rights are infringed, and you may be entitled to data breach compensation.

Types of data breach claims

A data breach can occur in any industry, business, school, organisation, or government department (e.g. the police, the NHS and the social services). Common types of data protection compensation claims include where:

  • Data has been inadvertently lost, hacked or leaked
  • Your identity has been stolen to obtain credit cards fraudulently
  • Personal data has been sent to a third party without your express permission
  • An organisation failed to maintain up-to-date, accurate information about you and this caused you damage
  • Your privacy has been compromised as part of a whistle-blowing operation
  • Personal information has been misused or mishandled
  • An organisation broke the law and used your information for journalism, artistic or literary purposes without your permission.

Corporate data breach claims also happen where businesses have had their company data leaked (e.g. banking information, business plans, etc.).

Making a data breach compensation claim

At Hayes Connor Solicitors, we help our clients get the compensation they deserve following data protection breaches, cybercrime, and other online offences. Our experts deal with a significant volume of data breach cases each day, and, during our work, we see how data breaches can affect people in different ways.

There are two main ways we get compensation for our clients:

Individual cases

In most cases, data breaches aren’t caused by scammers trying to hack big businesses, but by simple human errors. And while these incidents don’t make the headlines, for those involved the experience can be just as devastating.

Group actions

In many cases, where a breach occurs, you won’t be the only person making a claim. In such circumstances, it is often worth joining a group action claim. Where cases are very similar, group actions can be a powerful tool and can have a bigger impact than a single claim.

What is the ICO?

The Information Commissioner’s Office (ICO) is an independent authority, set up to uphold information rights in the public interest. It also promotes openness by public bodies and data privacy for individuals. While the ICO does not award compensation, it does have the power to impose hefty fines on organisations in breach of their duties.

You have the right to ask the ICO to assess if an organisation breached the Data Protection Act.

Helping our clients get the data breach compensation they deserve

Every day serious data breaches take place. And, all too often these breaches put people’s mental health and even their lives at risk.

Our data protection solicitors provide high-quality, sensitive legal advice and support to help victims of data breaches and cybercrime to claim compensation. We may be able to act for you on a NO WIN, NO FEE basis.

Find out more about making a data breach claim with Hayes Connor Solicitors.

 

data breach compensation
,

Help is as important as data breach compensation

At Hayes Connor Solicitors, we can help you to make a data breach compensation claim after your personal information was put at risk by an organisation you trusted to look after it.

But more than this, we also want to make sure that you understand your data protection rights. And provide the information you need to protect yourself following a data breach. So, as well as claiming data breach compensation, what else can you do to get data breach help?

Have you been a victim of a data breach?

In our digital age, your personal data is of enormous value. Not just to yourself, but also businesses, and, unfortunately, cyber-criminals. As such, data breaches are now a common occurrence as negligent corporations fail to put the necessary security measures in place to protect user accounts, passwords, contact details and sensitive and financial information.

Last year, data breaches affected billions of people. And, in the UK, many group action claims have been launched. For example, we have initiated data breach compensation actions against the likes of British Airways, Equifax and Dixons Carphone Warehouse.

So, if you’ve suffered damage or distress as a result of an organisation breaching any part of the Data Protection Act or the General Data Protection Regulation (GDPR), then you have a right to compensation.

Find out more about making a data breach compensation claim.

Why you need data breach help

A data breach can result in both financial and/or identity theft. And the result of either of these can be devastating. With enough information, cybercriminals can apply for credit in your name, set up fraudulent bank accounts and access your existing accounts. And, to make matters worse, with criminals rarely caught, getting your money back following a scam is not easy.

What to do if you are worried about the security of your money and personal information:

  • Contact your bank/credit card provider immediately
  • Consider a credit freeze until the matter is resolved
  • Report the scam to the police and contact Action Fraud for advice on what to do next
  • Keep an eye on your bank and credit card statements to see if there is anything you don’t recognise
  • Let the credit reference agencies know of any activity that was not down to you
  • Register with the Cifas protective registration service. This will slow down credit applications made in your name with additional verification checks made to ascertain that the applicant is actually you.

You don’t need to have lost money to get data breach compensation

Even if you haven’t lost out financially after a data breach, this doesn’t mean that there is no harm done. Following the Ticketmaster data breach, over 30% of our clients suffered from distress and/or psychological trauma as a result of having their card details stolen and used in fraudulent activity.

Being the victim of a data breach can have a significant impact on you mentally and physically. The effects can include a lack of sleep, feeling ill, unsettled or confused. Stress can also affect your friends, your family and your job.

Thankfully, over the last few years, people are waking up to the reality of mental health. And there is a greater awareness about the lasting effects of physiological suffering and anguish. Crucially, the law agrees and recognises the amount of damage that can be caused by having your information breached.

Data breach compensation case studies

As well as data breaches caused by cybercriminals, every day, people are also suffering following smaller data breaches. These privacy violations can have a severe and often lasting impact on them. In most cases, these data breaches are caused by simple human errors. And while these incidents don’t make the headlines, for those involved the experience can be just as devastating.

Check out our data breach case studies for more information on these kinds of breaches.

If you have been affected by a data breach, regardless of whether a hacker or a stupid mistake caused it, you can make a data breach compensation claim.

Where to get data breach help

Committed to reducing the amount of data privacy violations, and supporting victims wherever we can, we have collated a list of websites you can turn to for data breach help, advice and support – before, during and after a data breach. Find out more about getting data breach help here.

Or you can contact Victim Support for more information.

Got a question or need some data breach help or advice?

If you have suffered from a personal data breach, let us know to see how we can help.

CONTACT US

data breach solicitors
,

How to choose data breach lawyers in the UK

When it became clear that people across the UK were mis-sold PPI, often to the tune of thousands of pounds, there was a surge of new claims management companies on the scene. These lawyers promised to help consumers get back what they were due. But, in many cases, assurances of no up-front fees turned into extortionate commission rates. And that left people short-changed. Today, with the deadline for consumers to complain about the sale of PPI products coming to an end, many unscrupulous claims management firms will undoubtedly switch from PPI to GDPR. But, that doesn’t mean that victims of data breaches shouldn’t claim compensation. What matters is that they get the professional legal representation they deserve. So, if you have been the victim of a data breach or cybercrime, what should you look out for when choosing UK data breach lawyers?

Are they data breach experts?

At Hayes Connor Solicitors, we believe that the best way to make big companies pay for their failures is to use a specialist lawyer. Of course, you would expect us to say that – but let us explain why.

We have become a true specialist in data breach law. This is all we do. And, because of this, we have the legal expertise needed to take on big players such as Ticketmaster and Equifax. And, where enough people come forward, we might even launch a group action against a company. We believe that a group action is the best way forward for data breach claims. It allows people with the same type of claim to bring it together on a collective basis. This strengthens their overall position and increases their chances of success.

In addition to our own legal expertise, we also work with expert barristers to help us win our cases. So we are confident that our team of UK data breach lawyers will get the results you deserve.

Crucially, when it comes to making a compensation claim, a lack of care can leave data breach victims open to advice and representation below the standard expected by the profession. And this could ultimately see you lose out financially as a result.

Are they pushy?

We get angry when we hear about people being pressured into making a data breach compensation claim. The decision should always be 100% yours. And, you should always feel in control of the situation. So, if someone you have never heard of starts calling you up to tell you they can help with your data breach, then you are right to be annoyed.

At Hayes Connor Solicitors, we only ever get in touch with people who have asked us to. This means we never cold call, send spam texts, spam emails, or engage in any other form of nuisance marketing. We never pressure anyone into making a claim.

Are they registered with the Solicitors Regulation Authority?

Before appointing UK data breach lawyers, you should check that they are regulated by the Solicitors Regulation Authority (SRA).

Firms regulated by the SRA meet the high standards set by the regulator. It also means that you are appropriately protected should anything go wrong.

SRA regulated firms are also required to display their SRA ID on their letterhead, email and website. Hayes Connor Solicitors is a trading name of FD Law Ltd. FD Law Ltd is regulated by the Solicitors Regulation Authority, SRA number 632067.

How long have they been doing this for?

Data breach and cybercrime breaches are a relatively new and evolving area of law, so it’s difficult to find specialists in this area. But, over the past 18 months, our firm has established itself as the only niche provider of legal services in this area. As such, we lead our field when it comes to understanding the complexities involved.

But before that, we worked on different types of compensation claims. And, with over 50 years’ experience helping our clients secure the justice they deserve, our UK data breach lawyers work tirelessly to ensure the best possible outcome for you. Both in terms of damages achieved and service delivered.

Will they provide a free consultation?

The best data breach lawyers in the UK will provide you with a free consultation to make sure they can help you before asking for any money.

If you want to make a data breach or cybercrime compensation claim with Hayes Connor, we’ll advise you on whether you have a valid claim, answer any questions you might have and go through your options with you without charging you a penny.

But more than this, as well as providing a free initial assessment of your case, we have also created a wealth of free advice, news and other resources to raise awareness of the importance of data protection. We encourage individuals and organisations across the UK to use this information to help keep everyone safe.

What type of cases can they help you with?

Before you make a data breach compensation claim, you should check to see whether the solicitor has any experience winning similar cases.

At Hayes Connor, our experts deal with a significant volume of data breach cases each day. During our work, we see many different types of claims and how data breaches can affect people in different ways. There are two main ways we get compensation for our clients:

What will they help you to claim for?

All too often, claims management companies are more concerned about making fast cash than helping victims. So, while they might help you get some money back for a data breach, they are less concerned about ensuring you are fully compensated for the long-term and often physiological effects of a breach.

When you appoint us, we make sure you get the maximum compensation possible. Typically, we would look to claim for:

  • Any money lost (e.g. if a cybercriminal used your bank card)
  • Stress, worry, and anxiety
  • Any recognised psychological injury
  • The effect that the leak has had on your social and home life
  • Any loss of earnings as a direct result of the breach (e.g. if you need time off work or lose your job)
  • The loss of future earnings (e.g. if you have to drop out of university)
  • Any expenses that you have had to pay as a result of the data breach (e.g. private medical care, travel expenses, accommodation, etc.).

Because we understand that the full impact of a data breach is often not felt until months after the initial violation, we take a long-term view when it comes to claiming compensation on your behalf.

But more than this, because we want to help you get your life back on track ASAP, we also provide a wide range of information to help our clients protect themselves once a breach has occurred. And we work with Victim Support to help those affected by cybercrime and data breaches.

Do they offer no-win, no-fee?

Access to professional legal advice is a fundamental right. That’s why it is vital that everyone can afford to make a data breach or cybercrime compensation claim should they need to.

Removing the financial risk, at Hayes Connor Solicitors, we provide our services on a no-win, no-fee basis to help our clients get the compensation they deserve. So, if we don’t win, you don’t have to pay us a penny.

How much will they charge you if you win?

If your claim is successful, you usually have to contribute towards your solicitor’s costs.

This ‘success fee’ is taken from the compensation awarded to you, and in some cases, it can be much higher than you expected.

The amount of the success fee depends on when your case is settled, but with Hayes Connor Solicitors, you never have to pay more than 25% of your compensation. We have to charge this to cover our costs in smaller/individual cases. There are no hidden charges or other administration fees.

What’s more, if enough people come forward to make a large group action claim, we might be able to waive this fee (by getting the other party to pay it instead of you). So, in some large group actions, there are no solicitor’s fees win or lose and you could receive 100% of the compensation awarded to you.

We always make sure you are fully informed about any potential costs before we proceed.

Choosing a UK data breach lawyer? Choose Hayes Connor!

With data breach claims rarely out of the news, it is likely that high-profile data breaches could be seen as a way to make a profit by unscrupulous claims management “factories” and “ambulance chasers”.  So it’s vital that you are aware of what is at stake and the options available to you.

Our process is also fully compliant with ICO guidance and we never put your details at risk.

 FIND OUT MORE ABOUT MAKING A DATA BREACH CLAIM WITH HAYES CONNOR SOLICITORS

british airways breach
, ,

Don’t leave it too late to join the British Airways data breach

This week, the ICO said that it is considering fining British Airways a staggering £183 million for its part in one of the most severe cyber-attacks in UK history. This is because, while cybercriminals hacked the airline, the British Airways data breach was only possible due to inadequate security arrangements.

As a result of the data hack, almost 400,000 British Airways customers had their personal details and bank cards stolen. Enough details were exposed to make the threat of cybercrime a real possibility. Many banks had to cancel and re-issue cards as a result of the breach.

Don’t leave it too late to join our No Win, No Fee, BA data breach compensation case

At Hayes Connor Solicitors, we are taking a group action against British Airways to help victims of this data breach to claim compensation. We can help you claim compensation for financial losses, as well as for inconvenience and distress.

Make sure you don’t miss out on the compensation you deserve!

Since the data breach, we have been contacted by hundreds of people who were put at risk by BA. And, if you have been in touch about joining this case, it’s vital that you now complete and return the information we have sent to you (links included in our initial documentation).

If you have misplaced this information, or if you require copies, please do not hesitate to email us at enquiries@hayesconnor.co.uk

What if you haven’t previously contacted Hayes Connor Solicitors about the BA data breach?

The action that we are taking against BA is still open to you to join. But, as we have already started our group action case, it is vital that you register with us ASAP.

What is a group action case?

A group action claim is where a group of people – sometimes even thousands of people – have been affected by the same issue. Group action cases are also known as class actions or multi-party actions.

With a group action claim, this group of people (the Claimants) collectively bring their cases to court against a Defendant. In this case, British Airways. These victims then fight together to achieve compensation in the High Court of Justice.

Where cases are very similar, group actions can be a powerful tool and can have a bigger impact than a single claim.

What does the ICO fine mean for this case?

Investigating why the British Airways data breach was able to happen, the ICO found that information was able to be compromised by inadequate security arrangements at BA. This means that BA will be held responsible for its failure to protect customer data. But, while the ICO has the power to impose data breach fines, it does not give this money to victims of the data breach.

However, we can use the evidence uncovered by the ICO to make a very strong case. So, if your data was put at risk by BA, you should now make a data breach compensation claim.

To join our British Airways data breach group action compensation claim, register with us today.

REGISTER NOW

 

Information Breached
,

Pensioners’ confidential information breached after printing error at Waltham Forest Council

Human error is the leading cause of privacy violations. And, a mistake at Waltham Forest Council has resulted in thousands of pensioners having their confidential information breached.

This grievous error happened when a “printing error” produced P60 forms which included the confidential information of two different people. Worryingly, this mistake wasn’t spotted. So, pensioners received their P60 forms with their own, correct information on the front, and a stranger’s details on the back.

The confidential information breached included their national insurance details, addresses and other private information.

In total, over 3,000 incorrect statements were issued.

Why was this confidential information breached?

The mistake was flagged on Facebook by James O’Rourke. His mother-in-law received a double-sided P60. He said:  “It appears Waltham Forest Council has yet again been frivolous with its residents’ data.

“My mother-in-law, a former council employee, received her pension P60 this week. To her horror it had been printed upon on both sides, the reverse side being another person’s P60.

“A few days later she received another P60 with an attached letter. No reassurance as to whether her data has not been so sloppily dealt with.

“This is not the first time the council has breached the Data Protection Act this year, so the Information Commissioner’s Office must take immediate action and the ultimate person responsible taken to task.”

Waltham Forest Council admits the breach

In a letter, Waltham Forest Council admitted the breach. The council stated: “Due to an error with our printing partners a small number of these were printed with information on the reverse relating to another customer. We sincerely apologise for this error.

“Please destroy the P60 you were sent originally immediately and securely, using a home shredder if possible.

“You can also send this to the council if you would like us to destroy this for you.

“I can assure you we are taking steps to prevent any future occurrences of this type of error in the future.”

A council spokesperson has also said that: “We take protecting people’s data very seriously and are very sorry for any concern caused.”

What can you do if you have had your confidential information breached?

Waltham Forest Council has investigated the issue, and it has implemented new sign off procedures to prevent this from happening again. It has also sent an apology letter to everyone affected.

But this falls far short of what we would expect.

In far too many cases, when a breach occurs the accepted risk management plan seems to be to apologise and promise it won’t happen again. But such a noticeable absence of care over the very real impact of a data breach should not be tolerated or accepted.

What’s more, the council has also said that there is no risk of fraud because of the data breach. But there is simply no way they can know this. Every day we see what happens when the personal information of people across the UK falls into the wrong hands. And, even where cybercriminals are not initially involved, the consequences can be damaging and long-lasting.

Not just hackers

Data breaches are not just caused by cybercriminals. For more advice on how to keep your data safe, follow our #notjusthackers campaign on Twitter and Facebook.

Alternatively, if you have been the victim of a data breach or cyber fraud, find out how we can help you to recover any losses. You can make a compensation claim if you have struggled emotionally following a data breach, even if you have not experienced any financial loss.

To find out more, give us a call on 0151 363 5895 to discuss your case in more depth.

 

data protection claims
,

Why do some people make a mockery out of data protection claims?

As data breaches continue to rise, we are holding more and more companies to account for their violations of trust when it comes to your valuable information. However, as we do that, we are sometimes compared to “ambulance chasers”.

But, while some might view GDPR claims as opportunist, for the millions of people suffering because of a data breach, this couldn’t be further from the truth. Every day, privacy breaches are causing misery and upset to people across the UK.

Data breaches can be devastating

At Hayes Connor Solicitors, we see many different types of claims. And we know how data breaches can affect people in different ways. For example:

  • As a direct result of a NHS privacy violation – our client’s relationship with her family broke down. She received threats from a family member resulting in police involvement. There was also an ongoing worry of further danger. Our client suffered stress, anxiety attacks and trauma. And she required medication to help manage the psychological effects of this terrible breach of trust
  • A bank sent personal information disclosing our client’s financial situation to his previous address. His ex-partner still lived there. This happened despite him changing his address with his bank five years ago. Our client’s ex-partner shared this information with her friends and family. This caused him significant distress and embarrassment. Furthermore, once aware of his financial position, our client’s ex-partner refused him access to their children and prevented him from taking them on holiday
  • A data mix up and breach saw a stranger turn up at our client’s home and accuse her of attempting to “clone” his daughter’s identity. Our client was alone with her two young children, one of who is disabled. She found this experience both frightening and upsetting.

As you can see, we deal with serious cases that often put people’s mental health. In some cases, even their lives at risk. So downplaying the impact of a data breach claim is extremely disrespectful to the victims.

GDPR data breaches must be taken seriously

When it became clear that people across the UK were mis-sold PPI, often to the tune of thousands of pounds, there was a surge of new claims management companies on the scene. All promising to help consumers get back what they were due.

But, all too often, these companies were more concerned about making fast cash than helping victims. Assurances of no up-front fees turned into extortionate commission rates. And that left people short-changed.

With the deadline for consumers to complain about the sale of PPI products coming to an end, many unscrupulous claims management firms will undoubtedly look to switch from PPI to GDPR to make money.

But, that doesn’t mean that victims of data breaches shouldn’t claim compensation. It’s not their fault that ambulance chasers are preparing to go after the GDPR negligent. What matters is that they get the professional legal representation they deserve.

We hate spam and pushy lawyers!

At Hayes Connor Solicitors, we have never done PPI claims. What’s more, we only ever get in touch with people who have asked us to. This means we never cold call, send spam texts, spam emails, or engage in any other form of nuisance marketing. We never pressure anyone into making a claim.

Instead, we believe that it is vital to educate people to help prevent such breaches from happening. And, where a violation has occurred, we make no excuses for seeking compensation. This is necessary to help people get their lives back on track as soon as possible.

Furthermore, we don’t believe that our obligation to our clients stops there. We also give them all the information we can so that they can protect themselves after a breach, and stop a bad situation from becoming worse.

Organisations must be held to account for data breaches and their failure to protect our personal data

The sheer scale of the information we share on online is enough to leave victims open to the threat of financial and identity fraud. For example, with enough data, cybercriminals can apply for credit in your name, set up fraudulent bank accounts and access your existing accounts.

But what many people don’t understand is that the emotional impact on victims can be just as devastating. For some people, the effects can include a lack of sleep, feeling ill, unsettled or confused. Stress can also affect a person’s friends, family and job.

And, in most cases, data breaches aren’t caused by scammers trying to hack big businesses, but by organisations not taking data protection seriously resulting in simple human errors.

With hacks and breaches happening more and more often, something has to be done to make companies accountable for such loss and anguish. So, claiming compensation isn’t just in the best interests of victims – it could also be the only way to ensure that organisations implement more secure processes.

Perhaps it’s time to turn the spotlight on those businesses not doing enough to meet their legal obligations under the GDPR?

data breach compensation
, ,

How has the British Airways data breach hurt passengers?

At Hayes Connor Solicitors, we’re helping victims of the British Airways data breach to claim compensation after their personal information was put at risk by the airline. An organisation they trusted to look after it.

But all too often, we hear accusations that the people trying to recover from the BA data breach are “trying to get something for nothing”.

However, data privacy breaches can have a severe and often lasting impact on those affected. As such, we believe it is vital that organisations like BA are held to account for their failure to protect our personal information.

Brand loyalty is all well and good, but it’s vital that we don’t put the needs of big companies above the rights of customers.

Here’s why we believe it’s essential that people are able to hold businesses like BA to account.

The financial impact of cybercrime can be very harmful

Cybercrime can result in financial fraud and identity theft. And the result of either of these can be devastating. With enough information, cybercriminals can apply for credit in your name, set up fraudulent bank accounts and access your existing accounts.

Despite claims from BA that it had not received reports of fraud resulting from the attack on its systems, in November last year it was reported that Russian hackers might have made millions selling credit card details stolen from BA customers.

And, even if nothing has been done with that information as yet, it doesn’t mean the stolen data is safe.

Working exclusively on data breach and cybercrime cases, it has become clear to our solicitors that the impact and losses people sustain following a data privacy violation are not always immediately apparent. Indeed, in the Ticketmaster data breach, we are starting to see cases where the impact only became clear months later. This is often because data stolen is used in batches over time.

To date, 63% of all the clients we took on in the Ticketmaster data breach case suffered multiple fraudulent transactions on their payment cards.

So, as yet it’s impossible to say how many people have been impacted by the BA data breach, and to what extent.

Certainly, according to an article in The Metro, at least one BA customer is reported to have suffered fraudulent activity on their credit card, which was used to book a BA flight during the time the data was at risk.

Your mental health matters

Even if you haven’t lost out financially after a data breach, this doesn’t mean that there is “no harm done.”

Being the victim of a crime can have a sizable and lasting impact on you mentally and physically. Everyone copes differently, but for some the effects can include a lack of sleep, feeling ill, unsettled or confused. Stress can also affect your friends, your family and your job. Some data breach victims become paranoid and oversensitive about their personal privacy and can go on to develop depression.

Thankfully, over the last few years, people are waking up to the reality of mental health, and there is a greater awareness about the lasting effects of physiological suffering and anguish.

For example, following last year’s Ticketmaster data breach, 31% of all our clients involved in this case suffered from distress and/or psychological trauma as a result of having their card details stolen. And, like the financial losses, often the full impact wasn’t felt until much later.

“The effects of crime can also last for a long time, and it doesn’t depend on how ‘serious’ the crime was. Some people cope really well with the most horrific crimes while others can be very distressed by a more minor incident”.

Victim Support

Despite this, the emotional impact of data breaches is still not being taken seriously by those organisations we trust to look after our sensitive information. And we believe this to be true in this case.

Following the BA data breach, the airline said that compensation claims would be discussed on an ‘individual basis’. However, it is not up to the airline to dictate the terms of any compensation payments. And it is certainly not clear how (or indeed if) BA intended to evaluate the emotional impact the data breach had on its customers.

“As a result of increased volumes of data breach incidents, lawyers and experts are using their respective skills to assess the psychological and social consequences, symptoms and ‘injuries’ in reliable and valid ways. Structured interviewing, psychometric assessment and perusal of medical and occupational records are all part of this process”.

Professor Hugh C. H. Koch visiting professor in law and psychology at Birmingham City University School of Law and clinical psychologist

Loyalty works both ways

Should a data breach happen, we would expect the organisation in question to do everything in its power to keep its customers safe and prevent further damage. But this doesn’t seem to be the case following the BA data breach.

Some customers have complained that they have not been contacted by British Airways about the data breach, despite having seen fraudulent activity on their payment cards. Others have complained about BA advising customers to go to their bank for advice, rather than issuing its own instructions to help travellers stay protected.

 Speaking to The Telegraph, one BA customer said: “I saw the tweet, that was the first I knew of it.” He added: “I’ve not heard anything from them on this and I’ve just had to cancel the card I used. They’re a shambles.”

Another customer said she had been left vulnerable after being forced to cancel her bank card while travelling alone in the middle of Vietnam. She tweeted that she was “furious” with the airline and that she only found out about the data breach from news; before BA had the decency to her that she was likely affected.

She went on to tweet: “All companies have problems, some of them will affect their customers. That is a simple fact of business. How the company reacts, communicates & cares, is everything.

“British Airways are failing badly on this. I can’t even get a team manager in their call centre to call me.”

 While another BA customer told the BBC: “I have six cards linked to my BA account. I have no idea how much of my data information has been stolen. I will have to go to each of my credit card providers, cancel the cards, and all the direct debits, etc., related to those cards. This will take a long time, something I have to do with no help from BA”.

 Make a British Airways compensation claim with Hayes Connor Solicitors

At Hayes Connor, we want to reduce the number of data violations taking place across the UK.

To do this, we are helping to raise awareness of data breaches and cybercrime, and educating people and businesses to prevent similar infringements from happening. For more advice on how to keep your data safe, follow us on Twitter and Facebook.

But, where a breach has already occurred, it’s vital that you can recover your losses. We could be talking about one of the most severe data breach cases to hit the UK, so it’s critical that people can get the help they need.

To join our British Airways data breach group action compensation claim, you will need to register with us. We’ll let you know what is happening in this case and if and when you can make a BA data breach compensation claim.

 REGISTER NOW

breach compensation
, ,

Making a compensation claim helps to address the real-life impact of data breaches

At Hayes Connor Solicitors, we help our clients to make compensation claims after their data has been put at risk by the organisations they trust to look after it.

In some cases, these data breaches are massive news stories following hacks against the likes of Ticketmaster, Equifax and British Airways. But, every day, we also help people come to terms with smaller data breaches that have a severe and often lasting impact on them.

But, although we believe that these organisations must be held to account for their failure to protect our personal information, all too often people who make a data breach claim are accused of “trying to get something for nothing”. So let’s set the record straight.

The impact of cybercrime can be devastating

Cybercrime can result in both financial and/or identity theft. And the result of either of these can be devastating. With enough information, cybercriminals can apply for credit in your name, set up fraudulent bank accounts and access your existing accounts.

Following last year’s Ticketmaster data breach, 63% of all the clients we took on suffered multiple fraudulent transactions on their payment cards.

Worryingly, getting your money back following a scam is not always easy. For example, in a recent example of takeover fraud, a customer of the Royal Bank of Scotland (RBS) had more than £4,300 stolen from her account despite the fraudulent caller answering one of her security questions incorrectly. Despite the failure in their processes, the bank maintained that the customer was aware of the transaction and refused to refund her. Find out more about this case.

Claiming for distress isn’t an overreaction

Even if you haven’t lost out financially after a data breach, this doesn’t mean that there is “no harm done.”

A personal data breach is a 21st-century version of being burgled. If a criminal came into your home and stole your private information, you would be distressed. So why should you feel any less upset at having your online data taken?

Following last year’s Ticketmaster data breach, 31% of all our clients involved in this case suffered from distress and/or psychological trauma as a result of having their card details stolen and used in fraudulent activity.

Being the victim of a crime can have a significant impact on you mentally and physically. Of course, everyone reacts differently, but for some people, the effects can include a lack of sleep, feeling ill, unsettled or confused. Stress can also affect your friends, your family and your job. So being told to just “get over it” isn’t helpful.

According to Victim Support: “The effects of crime can also last for a long time, and it doesn’t depend on how ‘serious’ the crime was. Some people cope really well with the most horrific crimes while others can be very distressed by a more minor incident”.

Even smaller data breach cases can have a huge impact. For example, in a recent case, our solicitors saw the impact of what can happen when sensitive information was sent to the wrong address by mistake.

Thankfully, over the last few years, people are waking up to the reality of mental health and there is a greater awareness about the lasting effects of psychological suffering and anguish. Crucially, the law agrees and recognises the amount of damage that can be caused by having your information stolen.

Holding organisations to account could be the only way to ensure they take your security seriously

The sheer scale of the information we share with organisations is enough to leave us all open to the threat of fraud, anxiety and stress. So it’s no surprise that we are worried about what could happen if this data gets into the wrong hands. As such, something has to be done to make companies accountable for any harm done.

Cybercriminals are becoming more and more sophisticated. But this doesn’t let these organisations off the hook. If they have done everything in their power to protect your data and have robust security processes and procedures in place, it is unlikely that a claim would be successful. In fact, this is why we usually wait for the results of an investigation by the ICO before starting a claim.

But the reality is that in most cases, data breaches happen because of a failure to implement reasonable and robust processes. So claiming compensation isn’t just in your best interests, the only way these organisations will be persuaded to take their responsibilities seriously and make the necessary improvements is by hurting their bottom line.

The real-life impact of data breaches

At Hayes Connor, we want to reduce the number of data violations taking place across the UK. For more advice on how to keep your data safe, follow our #notjusthackers campaign on Twitter and Facebook.

Alternatively, if you have been the victim of a data breach or cyber fraud, find out how we can help you to recover any losses or give us a call on 0151 363 5895 to discuss your case in more depth.

libel
,

Online defamation and libel: know your rights

Defamation is a bit of a hot topic at the moment. Earlier this year, writer and food blogger Jack Monroe won a libel action against Katie Hopkins, and was awarded £24,000 damages, for tweets which suggested that Monroe approved of defacing a war memorial during an anti-austerity demonstration in Whitehall. As a result of the fine, Hopkins had to apply for an insolvency agreement to avoid bankruptcy. Libel is a form of defamation.

Other instances where defamation has been brought into the public eye include where high-profile celebrities or businesspeople have brought an injunction to prevent the publication of material that would be damaging to their reputation (so-called gagging orders).

If you have been the victim of online defamation, it’s vital that you know your rights and what you can do to protect your reputation and achieve redress.

What is defamation?

Defamation is an all-encompassing term that covers any statement that damages someone’s reputation.

A defamatory statement can be made in:

  • Verbal form. This is classed as slander because only the spoken word is involved. Slander can be difficult to prove
  • Written form. This is classed as libel. A case for libel is easier to bring because evidence can be documented.

Defamation makes an ordinary person modify their opinions of another person as a direct result of hearing or reading the statement. Under UK law it is possible to defame businesses as well as individuals. A person that has suffered a defamatory statement can sue the person that made the statement under defamation law.

What is libel?

Online defamation tends to involve libel. You could accuse someone of libel against you if they:

  • Sent an email, or an email attachment defaming you, where that email is widely posted or forwarded
  • Made defamatory material available via a web page
  • Posted defamatory material to an email list or newsgroup
  • Streamed defamatory audio or video.

Anyone who actively transmits defamatory material may also be liable as part of any legal action.

What about freedom of expression?

It is accepted in a democratic society that individuals have a right to express their views and preferences. The internet offers great potential to do this.

Defamation is an abuse of this freedom of expression; where untrue statements may have a harmful impact on a person’s reputation.

It is critical to ensure that unfounded claims should not be allowed to damage a person’s reputation, but it is also vital for the law to balance such protections with the rights to freedom of expression. As such, the issue of defamation has become a much contested topic.

Of course, there is a balance to be had between one person’s right to protect their good name and another person’s freedom of speech. However, if someone has made an untrue statement about you, which was published on the internet, and which caused you injury, then you are entirely in your rights to sue for online defamation.