Can I Claim For an Email Data Breach?

Suppose your personal information stored in an email account has been accessed by an unauthorised party resulting in fraud, identity theft or any criminal activity. In that case, you may be eligible for compensation as a victim of an email data breach. Additionally, you could claim compensation for any psychological distress caused by the wrongful exposure of your data.

The exposure of your personal information by someone with a legal obligation to protect it, and the resulting harm, could entitle you to file a claim for compensation. 

email-data-breachThe aim of this guide is to offer a complete understanding of the procedure for initiating an email data breach claim. It will cover the eligibility requirements for compensation claims, the deadline for submitting a claim, the ways in which email data breaches can happen, and recent examples of incidents. Additionally, the guide will outline the different types of compensation options available and provide instructions on how to make a No Win No Fee claim.

Should you have questions after reading this guide, please contact us. You can use any of the methods below:

Eligibility Criteria For An Email Data Breach Compensation Claim

The Data Protection Act 2018 regulates the UK’s processing and safeguarding of personal data. It mandates that personal data must be processed fairly, transparently, and with explicit consent from the individual. The Act also requires data controllers to put in place adequate measures to ensure the security of personal data.

If an organisation breaches the Act, causing harm to an individual, the victim has the right to claim compensation for both material and non-material damages. Material damages refer to financial losses incurred, while non-material damages relate to emotional distress or psychological harm suffered.

In addition,  the Information Commissioner’s Office (ICO) has the power to impose fines on organisations. 

Checking your eligibility 

Not every person whose data is exposed can make a data breach compensation claim.

To qualify for compensation in an email data breach case, you need to demonstrate that your personal information was compromised as a direct result of the wrongful action/s that caused the breach. 

Data exposed may include sensitive details like your name, address, date of birth, financial information, or any other data that could be used to identify you. 

Moreover, you must prove that the email data breach harmed you in some way. This may mean you’ve suffered material (financial) damages because of fraud or identity theft, for example. However, these are not the only damages you could claim for. If a data breach has caused psychological harm to you, you could claim for non-material damages too. 

How Long Do I Have to Claim?

Under the Limitation Act 1980, you have six years from the email data breach date to claim compensation in some cases but only a year in others. An advisor could explain these to you over the phone.

It is recommended that you make your claim as soon as possible, as this could make it easy to gather evidence. 

How Could An Email Data Breach Happen?

Email data breaches can happen in a number of ways. Some causes of email data breaches include:

Hackings –  Hackers can gain access to email accounts by exploiting vulnerabilities in security systems. They can steal personal information or use the account to send spam emails if they gain access.

Unintentional disclosure –  Such breaches can also happen due to a human error. For example, an employee could email sensitive information to the wrong recipient or recipients. 

Phishing attacks – This type of online fraud involves the perpetrator sending an email that seems to come from a legitimate source. This could be someone pretending to be a bank or other institution. The email usually requests the recipient to provide their personal information, which could then be used for fraudulent purposes.

Not every email data breach could lead to a claim. You would need to prove that the liable party acted wrongfully by breaching your personal data. Furthermore, you’d have to prove that you’d been harmed by the breach.

Email Data Breach Examples

In 2018, British Airways suffered a data breach that exposed the personal information of 500,000 customers, including names, addresses, email addresses, and credit card details. The breach occurred due to a vulnerability in the airline’s website and mobile app, which allowed hackers to steal customer data. The Information Commissioner’s Office (ICO) fined British Airways £183m for the breach, the largest fine ever issued by the ICO at the time.

In 2020, EasyJet announced that it had suffered a data breach that exposed the personal information of nine million customers, including names, email addresses, and travel details. EasyJet stated that credit card information of 2,208 customers was also exposed. The data breach occurred due to a highly sophisticated cyber attack. The ICO fined EasyJet £18.4m for the breach.

Both British Airways and EasyJet have faced significant backlash from customers and industry watchdogs for their handling of the data breaches. In addition to financial penalties, both airlines have been subject to numerous compensation claims from affected customers. The data breaches highlight the importance of strong cybersecurity measures and the potential consequences of failing to protect customer data.

What Email Data Breach Compensation Could I Get?

To receive compensation for an email data breach, several factors will determine the amount awarded. Compensation can be given for financial harm or distress. Material damages can include the financial impact of identity fraud or theft. Non-material damages can include compensation for emotional distress, as a data breach can sometimes lead to psychological harm. 

The Judicial College Guidelines provide a framework for calculating compensation for personal injury cases, including data breach claims. 

This considers the severity of psychological harm, the duration of the impact, and the effect on daily life. 

For example, severe psychological harm could receive between £54,830 to £115,730, while less severe cases could get £1,540 to £5,860. However, these are just guidelines, and a helpline advisor could provide more insight into possible compensation.

Getting Help From Data Breach Solicitors 

Email data breaches can be complex matters. Hiring a solicitor with experience in data protection law can you, as a victim of an email data breach, navigate the legal process, maximise your chances of success, and obtain the compensation you deserve. 

A solicitor can help with a range of tasks, such as gathering evidence to support the claim, identifying the liable parties, negotiating with the opposing party, and representing the claimant in court if necessary. In addition, solicitors can provide guidance on legal procedures, such as submitting the claim within the relevant time frame and ensuring compliance with court rules and procedures.

Furthermore, data breach solicitors can provide clients with peace of mind and reduce stress by handling the legal aspects of the claim on their behalf. This allows clients to focus on their recovery and other important matters, knowing that their legal matter is being taken care of by a professional.

No Win No Fee Email Data Breach Claims

Conditional Fee Agreements, which are sometimes the documents used to launch No Win No Fee claims, provide email data breach victims with a financial safety net. 

With a Conditional Fee Agreement, the client only pays their solicitor’s fees if their claim is successful. If the claim is unsuccessful, the solicitor waives their fees. This arrangement allows victims to pursue compensation without financial risk, making it an affordable and accessible option for those seeking justice. Additionally, the amount you would pay in a success fee is capped under the Conditional Fee Agreements Order 2013

To begin a No Win No Fee claim for an email data breach, you can contact an advisor to discuss your case and explore your legal options. 

The advisor will provide guidance on the next steps and connect you with a solicitor who specialises in email data breach claims. 

Find Out More About Email Data Breach Compensation Claims

Below, we provide some external guides you might find useful, relating to an email data breach claim. We also provide further guidance from our website, in case you would like to research further. 

Easyjet Data Breach -The ICO’s information about the aforementioned breach can be found here.

The British Airways Email Data Breach – You can find more about this breach here.

Defending Phishing Attacks – You can find information here on preventing phishing attacks.

Surgery Data Breach Claims – Has your surgical data been breached? Find out whether you could claim.

School Data Breach – Should a school have breached your data, you can find advice here.

Accountant Data Breach – Finally, learn more about what you could do if an accountant breaches your data.