freephone: 0800 954 0243

Company cyber-attacked but successful claimant’s data not actually breached

Company cyber-attacked but successful claimant’s data not actually breached

The situation

The Head of our Data Breach department, Mr Matthew McConville has successfully represented a male against a company whom were subject to a criminal cyber-attack a few months ago. The details of Mr McConville’s client and the company have to remain confidential due to the entering of a Settlement Agreement particularly as a criminal investigation is still ongoing.

The resolution

What is interesting about this case is that although it has later transpired that the Claimant’s data was confirmed to have not been specifically breached/obtained by the attackers, Mr McConville has still managed to obtain a handsome settlement for his client. Mr McConville was able to do this because he argued that although the criminals accessed servers where the Claimant’s data was not held, this did not mean that the company’s IT systems were completely safe a secure to hold personal data.

The reasoning

Mr McConville argued that the criminals could have accessed the server upon which his client’s data was stored if they wanted to do so. As such, this was a breach of the Data Protection Act 2018/General Data Protection Regulations 2018, a breach of Article 8 of the Human Rights Act 1998, a breach of confidence and a misuse of private information. After argument, a settlement was agreed between the parties, of which, details have to remain confidential for the above reasons.

Posted in GDPR Case Reports

Do you have a question for us?

One of our staff members would be happy to speak to you directly. Why not give us a call?

T: 0800 954 0243
freephone: 0800 954 0243
| Website designed & hosted by Cyberfrog Design