A claim for data not actually breached

An interesting case of a company who was the victim of a cyber-attack who held personal details of a client who successfully claimed even though his details were not actually accessed unlawfully.

Get My
Claim Started

Company cyber-attacked but successful claimant’s data not actually breached

The situation

The Head of our Data Breach department, Mr Matthew McConville has successfully represented a male against a company whom were subject to a criminal cyber-attack a few months ago. The details of Mr McConville’s client and the company have to remain confidential due to the entering of a Settlement Agreement particularly as a criminal investigation is still ongoing.

The resolution

What is interesting about this case is that although it has later transpired that the Claimant’s data was confirmed to have not been specifically breached/obtained by the attackers, Mr McConville has still managed to obtain a handsome settlement for his client. Mr McConville was able to do this because he argued that although the criminals accessed servers where the Claimant’s data was not held, this did not mean that the company’s IT systems were completely safe a secure to hold personal data.

The reasoning

Mr McConville argued that the criminals could have accessed the server upon which his client’s data was stored if they wanted to do so. As such, this was a breach of the Data Protection Act 2018/General Data Protection Regulations 2018, a breach of Article 8 of the Human Rights Act 1998, a breach of confidence and a misuse of private information. After argument, a settlement was agreed between the parties, of which, details have to remain confidential for the above reasons.

Posted in Case Study

If your data has been breached, such as being released into the public domain . . .
. . . you may have a claim.

0800 954 0243

[email protected]

● Website designed & hosted by Cyberfrog DesignRegulatory Information and Privacy PolicyCookie PolicyComplaints Procedure