As more and more organisations rely on cloud technology and digital storage, we may see growing numbers of unsecured database compensation claims.
As a leading firm of No Win, No Fee data breach solicitors, a lot of the thousands of compensation cases we represent people for involve this kind of breach. This includes one of the more recent infamous examples, which is the Virgin Media data breach incident. This is one of the over 45 data breach group and multi-party actions we’re involved with, and it’s not an uncommon kind of event.
When we see these kinds of data breaches hit the headlines, we’re here to help the victims. The law is on your side and you could be eligible to claim damages when your information is exposed or misused due to an unsecured database.
Unsecured database compensation claims: rights and eligibility
We represent victims for unsecured database compensation claims. For eligible clients, we may be able to represent you on a No Win, No Fee basis.
To be able to determine if you’re entitled to claim compensation, we will look at factors such as:
- Whether the breach was avoidable and how it has occurred;
- The nature and the extent of the information for you that has been misused and/or exposed;
- Who data has been exposed to and for how long;
- The personal impact for you.
In cases where a data breach has arisen from an unsecured database, it’s usually down to some form of negligence. A database should not be left unsecured and exposed, so it often comes down to confirming how a breach like this has happened. It’s usually down to human error, where someone has forgotten to secure it or hasn’t done so properly, or where security isn’t applied or patches are not updated. Even where a human error element applies, the real problem is often systemic and the organisation responsible for the data breach must meet the claim.
The risks of scams and frauds for data breaches seen as “minor” can still be severe. It only takes a little information for criminals to do some serious damages, which we have seen from infamous group cases that we are involved with. This includes hackers contacting TalkTalk data breach victims and, more recently, easyJet data breach victims being targeted.
Data breach compensation pay-outs can be based on both compensation for the distress caused by the loss of control of personal information, as well as for losses and expenses.
The Virgin Media Data Breach Action – an infamous example
When it comes to group actions for unsecured database compensation claims, the Virgin Media data leak is one of the recent and prominent examples.
The information for around 900,000 victims was left unsecure for a period of 10 months between April 2019 and February 2020. The trove of accessible data was discovered by a security researcher, but we know that at least one other third-party has accessed the information during the breach period. Hackers and criminals use the same kinds of methods that security researchers do, so it’s entirely possible that the details for the victims of that breach are in the hands with individuals or groups who may exploit it.
The risks of scams and fraud, as outlined above, are very real. Victims of the Virgin Media data breach can sign-up for No Win, No Fee representation on the dedicated website here.
The Sheffield City Council and South Yorkshire Police ANPR incident
Another recent example where unsecured database compensation claims can arise was in the headlines last month. It involved a database of some 8.6 million car journeys logged as part of an ANPR network run by Sheffield City Council and South Yorkshire Police being left unsecured.
Astonishingly, in this case, the database was left accessible and not even password protected. Anyone could have accessed the monumental wealth of information, and the consequences could have been severe. Reportedly, ANPR is worryingly under-regulated, which is another cause for concern