Reading:
Bounty data breach leads to huge ICO fine
Share:
Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.
The Information Commissioner’s Office (ICO) has issued a fine of £400,000.00 having concluded their investigations into the significant Bounty data breach.
We’ve already been contacted for help and taken claims for data breach compensation forward on a No Win, No Fee basis since news of the fine broke in the media. As many as 14 million individuals may have had their personal data shared, including new mothers and infants by extension.
The ICO has established that Bounty failed to properly inform users that their data would be shared for marketing purposes. The findings also confirmed that no one was able to give proper and informed consent as well.
The Bounty data breach has seen some 34 million personal records shared for around 14 million individuals to 39 third-parties. The third-parties included marketing agencies Acxiom and Indicia, as well as credit-referencing agency Equifax, and telecoms provider Sky.
Personal records were shared between 1st June 2017 and 30th April 2018, with some shared until 9th January 2018 depending on how the user signed-up to the service.
The breaches took place prior to the introduction of GDPR which is why the fine isn’t in the millions.
The ICO investigated Bounty having tagged them as one of the largest suppliers in the data broking industry they were looking at. Information that has been collected and possibly shared with third-parties in the Bounty data breach case includes:
In some cases, personal data was shared multiple times with the third-parties.
Bounty has breached data protection laws because they failed to acquire informed consent from users for their information to be shared. They also failed to list the names of all of the companies they were sharing data with, and some of the privacy notices were reportedly issues after a user had already signed up (which is past the point of data collection when it ought to be relayed).
The finding by the ICO was that Bounty had processed data unfairly. The ICO labelled their actions as “plainly deliberate” and called this a “serious contravention”.
If you were a victim of the Bounty data breach, you may be able to make a claim for data breach compensation. We can represent you on a No Win, No Fee basis, and we have already taken cases forward.
The Data Leak Lawyers are fighting for justice in over 25 different data breach actions. We’ve been helping people for years, and thousands have come to us for help.
Our initial advice is free and on a no-obligation basis.
We believe that there may be a case to answer. The ICO were highly critical of the incident, saying that this breach represented an “unprecedented number of affected data subjects in the history of the Commissioner’s investigations into data broking”.
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
