Has your personal data been exposed in an energy company data breach? This article will explain what a data breach is and who may be eligible to make a claim. As well as this it will examine data breach compensation award amounts and how our No Win No Fee solicitors could help you.
A data breach can make you feel vulnerable, exposing your personal information to unauthorised individuals or parties. It may negatively impact your finances and may affect your mental health too causing stress, and anxiety and even stopping you from working.
If you would like to talk to our advisors about a data breach, they are here to provide free and relevant legal advice. They can understand the foundation of your case and may pass you on to our No Win No Fee solicitors if you have a promising case. Speak to our advisors today by:
Select A Section
- What Is An Energy Company Data Breach?
- Examples Of Utility And Energy Company Data Breach Incidents
- How Could An Energy Company Breach Customers’ Data Privacy?
- What Steps Should An Energy Company Take To Prevent Data Breaches?
- Data Breach Compensation Calculator
- No Win No Fee Energy Company Data Breach Claims
There are two main pieces of legislation running alongside each other to establish robust data protection regulations in the UK. The UK General Data Protection Regulation(UK GDPR) and the Data Protection Act 2018 (DPA) outline the steps a data controller or processor should take when using your personal data, ensuring they take all practicable steps to safeguard your personal information.
Generally, you are a data subject if you have your personal information processed. A data controller will usually be an organisation or company, such as an energy company for instance, that controls the data they process. And finally, a data processor may work on behalf of the controller to process the data for them.
A personal data breach is a security incident that compromises your personal data via processing, transmitting, storing, losing, disclosing, destroying, or accessing your information unlawfully or accidentally.
It is very important to note that any personal data breach claim will require the claimant to prove that the data controller/organisation did not apply data protection laws. Therefore personal data was breached and this subsequently caused the data breach victim mental injuries and/or financial losses.
If you believe you have been subject to a data breach, then contact our advisors today.
Data breaches generally can be divided into two areas: cyber attacks or criminal hacking then there are data breaches that are caused by human error. You may think that the majority of data security incidents occur through hacking, phishing scams or malware. However, human error is the main cause of these.
The People’s Energy Data Breach
It was reported in 2020, that People’s Energy had suffered a data breach affecting their 270,000 consumers. An entire database was stolen by hackers that held personal data including names, addresses, dates of birth and phone numbers.
Data breaches can happen in a variety of ways, however, they can be deliberate breaches or human error i.e. misplacing folders or losing devices.
Causes of data breaches that are cyber-related can include :
- Malware – software on a computer to slowly corrupt the device or gain unlawful access to data.
- Ransomware – A type of malware that encrypts and locks the owner out of the data unless they pay a monetary amount to be regranted access.
- Phishing – When a fraudulent email is sent to try and trick the receiver into giving their personal information.
Alternatively, human error breaches can be born from a lack of training or simple mistakes, such as:
- Data emailed to the wrong recipient
- Letters delivered to the wrong recipient
- Losing a physical device.
- Sharing passwords with an unauthorised individual.
Data Protection Security Incidents and Statistics
Per the data security incident trends on the Information Commissioner’s Office (ICO) website, there were 9,559 data security incidents reported in 2021/22. Out of those incidents, 7,050 were non-cyber and 2,509 were cyber incidents.
Data controllers and processors must protect the personal data and personally sensitive information they process accordingly to data protection laws in the UK. That said, not all data and information is protected by these regulations. Both personal and special category data are to be legally protected.
To comply with data security and protection legislation it is vital that data controllers/ organisations not only train their staff on the importance of data confidentiality and security but they must also implement the UK GDPR and the DPA into data handling processors. This is needed to protect such data they process.
When processed personal data is stored and accessed through digital files, data controllers must have the most recent robust cyber security defence systems in place. This is so hackers and other cyber criminals are not able to infiltrate their systems and gain unlawful access to personal data.
If you have any questions about a data breach claim, our advisors are here to help today.
In the event of a successful data breach claim, you could receive compensation for two types of damages, also known as:
- Material damages – The financial losses you may suffer from the exposure of your banking details. This can include, credit and debit card details as well as other identifying information that can result in theft, fraud and impersonation.
- Non-material damages – The mental health injuries arising from your data breach. If you feel exposed you may suffer from anxiety, paranoia, depression or stress.
The 16th edition of the Judicial College Guidelines (JCG) has been used to create the table. The JCG separates award amounts by the type and seriousness of the injury sustained. The table below shows potential compensation bracket figures for mental health injuries:
|Severe mental health damage (a)
|£54,830 to £115,730
|Where there are substantial problems with life, relationships and vulnerability. The level of the award is affected by the extent of medical treatment and successful recovery.
|Moderately severe mental health damage (b)
|£19,070 to £54,830
|An individual may experience significant problems with the above factors, however, the prognosis will have slightly improved.
|Moderate mental health damage (c)
|£5,860 to £19,070
|Issues with relationships, work and social life although there will have been marked improvements.
|Less severe mental health damage (d)
|£1,540 to £5,860
|The award is affected by an individual’s disability and the subsequent effects on daily functionality.
|Severe post-traumatic anxiety disorder (a)
|£59,860 to £100,670
|Permanent and significant issues with all areas of life and a poor prognosis.
|Moderately severe post-traumatic anxiety disorder (b)
|£23,150 to £59,860
|Where professional help has improved the prognosis, but disabilities still exist.
|Moderate post-traumatic anxiety disorder (c)
|£8,180 to £23,150
|A large recovery has taken place with persisting minor symptoms that are not hugely disabling.
|Less severe anxiety disorder (d)
|£3,950 to £8,180
|An individual has nearly gone through a full recovery within a two-year period with only minor symptoms continuing.
The Court of Appeal’s verdict in the Vidal-Hall v Google Inc case changed the compensation claiming process for data breach cases. You can claim for non-material damages without proof of material damage.
If you would like to understand the data breach compensation claims process, reach out to our advisors today.
Data breaches are a complex part of the law that benefits from professional guidance. As with personal injury and medical negligence claims, you can use our No Win No Fee solicitors for your data breach claim. If you would like to explore the foundation of your case and determine whether it is strong enough to succeed, contact our advisors today.
Our solicitors work within a Conditional Fee Agreement (CFA) which is a popular kind of No Win No Fee arrangement. There are no upfront costs and you do not pay them if your claim fails.
A CFA lawyer takes a success fee when your claim succeeds. The fee is a small legally-limited part of your compensation.
Talk to our advisors today by:
Data Breach Claim Resources
We have many other informative data breach articles:
And we have gathered some other useful links:
Contact our advisors if you have any questions about an energy company data breach.