It is understood that the WH Smith cyberattack resulted in the information of current and former employees being targeted, and possibly misused and exposed.
If it is the case that there was more that the company should have done to have protected the information that has been affected, they could be liable and they could be in breach of the GDPR. Any organisation in breach of the GDPR may be responsible for compensating victims.
You can speak to our team for free, no-obligation legal help here now.
About the WH Smith cyberattack
It has been reported that WH Smith cyberattack looks to have resulted in criminals being able to gain access to information about current and former employees. The company has been quick to say that customer accounts and information do not appear to be affected, but employee information being exposed and potentially misused is a very serious matter.
In the wake of the WH Smith cyberattack, the company has launched an investigation and engaged the assistance of specialist services to help with its response plans. It is understood that current and former employees whose information may have been affected are going to be notified about their involvement, and they should be informed about what data might have been compromised.
Concerns over the information affected
There are good reasons why we should be concerned in respect of the WH Smith cyberattack, as it concerns the information for current and former employees. Human resources data is something that hackers will target, because the extent of the personal and sensitive information that they could steal and misuse can be significant.
There may be financial information for salary payments as well as very sensitive personal information, including dates of birth, National Insurance numbers, and equality and diversity data, such as ethnicity and sexual orientation information. There may also be medical and domestic information for employee support, as well as data with regard to progress and personnel matters.
In the wrong hands, this kind of data could be used by criminals to try to target people for fraud and theft. They could also try to initiate ransomware scams where they threaten to publish the data unless demands are met.
Given that the nature of such information can be particularly personal and sensitive, it can be understandable why current and former employees may need to be concerned about what has happened. Anyone who has been affected by a data breach through no fault of their own could be eligible to recover privacy compensation on a No Win, No Fee basis. You can talk to our team for free, no-obligation legal advice here now.
Data breach compensation and pay-outs
When it comes to the kinds of compensation and pay-outs we could be talking about for victims of a data breach, leak or a hack, we believe that it is well worth pursuing a case. As leading experts in this area of law, having been representing clients for privacy cases for almost a decade, we have already recovered over £1m in damages for mostly individual clients. Our average settlement is just over £6,000 in damages alone per claimant, so it is well worth your time pursuing a case.
Given that we are working on a No Win, No Fee basis for eligible clients, what do you have to lose in pursuing a claim now? In reality, you may have quite a lot to gain.