Have I Been Pwned set to hit 10 billion milestone

As a leading firm of data breach compensation lawyers, we’re concerned to hear of the milestone that’s about to come for the Have I Been Pwned website.

According to media reports from the Evening Standard, the repository site is about to hit a significant and concerning milestone of 10 billion hacked personal records. This is thought to not even include the recent easyJet breach where 900,000 million records were involved.

This news really does highlight just how significant the risk of breaches and attacks are nowadays, and it hits home that the threat of hackers continues to grow.

Have I Been Pwned about to hit milestone

The media reports suggest that there are currently 9.8 billion records searchable on the Have I Been Pwned website. People can use the site to check if their records have been affected by a huge range of data breaches over several years, and many people find that, after searching on the site, their data has been exposed at least once.

Founder and security researcher Troy Hunt provides the search function for anyone to use, and breaches include some of the biggest ever seen, such as the infamous Yahoo and LinkedIn incidents.

Victims involved in some of the 45+ group and multi-party actions that we represent people for can use the search function as well.

What does this mean?

The upcoming Have I Been Pwned milestone is a real cause for concern. It shows the extent of just how many records have been breached, and this is a trend that looks set to continue.

In over six years of representing victims for data breach compensation claims, we now represent thousands of clients for individual cases and in dozens of actions. Breaches just keep on happening: look at this year alone with Marriott/MGM reportedly hit with another breach; the monumental easyJet cyberattack; and the Virgin Media data leak that we represent people for as well.

We’re involved in so many actions and cases because they just keep happening, and  we cannot see an end in sight.

The GDPR should have been a real catalyst for change. The power of the financial penalties that the Information Commissioner’s Office (ICO) can now issue are monumental. They can amount to up to 20 million Euros or 4% of the total annual worldwide turnover, whichever is higher. The initial intentions to fine British Airways and Marriott for their previous breaches have been set at £183m and £99m respectively.

The BA data breach happened just months after the GDPR came into force, which is surprising. Others did too, like the Ticketmaster data breach that we also represent clients for. Now, we have huge corporations facing significant fines and huge compensation pay-outs too. Our BA data breach action has been widely covered in the media with the potential overall estimated compensation bill topping as much as £3bn. We have also seen widespread coverage of our Virgin Media data breach action where the overall estimated bill could reach up to £4.5bn.

It’s clear that the deterrents are there, and the software and infrastructure is available for companies to invest in. So, given the deterrents and the huge amount of breaches that have already taken place, why aren’t preventable breaches being stopped in their tracks? It seems the answer simply lies with the fact that there’s still a lack of investment and focus on data protection and cybersecurity. The approaching Have I Been Pwned milestone appears to be clear evidence of this.

What can victims of a data breach do?

Victims of a data breach should never suffer in silence.

You could be entitled to claim data breach compensation, and you may be able to benefit from our No Win, No Fee representation.

You can speak to our team today for free and no-obligation advice here.

Government data leak compensation claims

Data breaches in the healthcare sector: what can you do?