What Are My Rights After A Wealth Manager Data Breach?

Are you wondering what your rights are after a wealth manager data breach? If your personal data related to your finances has been involved in a breach, and this has caused you harm, then you might be able to claim.

wealth manager data breach

Wealth manager data breach claims guide

There are laws in the UK that protect personal data. The Data Protection Act 2018 (DPA) and the UK General Data Protection Regulation (UK GDPR) make up the regime that outlines how personal data in the UK should be protected. The DPA was updated when the UK left the EU.

A wealth manager is someone who can advise you on financial planning. In order to provide you with this service, they will need to collect your personal data. Some of this personal data might relate to your finances. It all needs to be protected according to the pieces of legislation above.

If you wish to speak to a member of our team for free legal advice about making a claim, simply:

  • Call our advisors on 0800 073 8801
  • Contact us online for a callback
  • Access help through the live support option, bottom right

Select A Section

  1. What Is A Data Breach By A Wealth Manager?
  2. Types Of Personal Financial Data
  3. How Does The UK GDPR Affect Financial Services?
  4. What Should A Wealth Manager Do After A Data Breach?
  5. Wealth Manager Data Breach Compensation Calculator
  6. Start Your Wealth Manager Data Breach Claim

What Is A Data Breach By A Wealth Manager?

Wealth managers provide an array of financial services and can help people plan for their financial future. In doing so, they might need to collect personal data relating to those who use their services.

Personal data is classed as any information that can be used to identify a natural person. This can either be information that can be used to identify someone in isolation or when combined with other information.

A data breach is a security incident that impacts the availability, integrity or confidentiality of personal data. Personal data breaches can happen as the result of malicious action, or unintentionally as a result of human error. You may be able to claim for both.

In order to sue a company after a data breach has affected your personal data, you need to have suffered harm. You can claim for financial and emotional harm separately, as well as both together.

The Information Commissioners Office (ICO) is the independent authority that was set up to protect the data rights of individuals. They can investigate and fine organisations that fail to adequately protect personal data. However, they cannot award you compensation; this would need to come from the organisation responsible for the breach.

For more information on how a wealth manager data breach could occur, and the steps you could take if affected, get in touch with our team today.

Types Of Personal Financial Data

As we’ve already mentioned, personal data is any data that can be used to identify you. It must be protected by the data controller (the organisation that decides how and why personal data is processed) or the data processor (someone who processes data on behalf of a controller).

Some of the personal data relating to your finances that a wealth manager might be able to access include:

  • Bank details
  • Mortgage provider details
  • Wage slips
  • Credit card and debit card details
  • Details of stocks and shares
  • Pension details and asset valuations
  • Investment information
  • Tax and HMRC details

For example, a wealth manager could have personal data relating to financed stored on an unencrypted USB stick, which they then lose. This means that someone without authorisation could access this data and use it for their own purposes.

Get in touch with our team of advisors today for free legal advice about making a wealth manager data breach.

How Does The UK GDPR Affect Financial Services?

All organisations that process personal data need to adhere to the UK GDPR. This means that they need to protect personal data from being exposed.

All organisations must adhere to the key principles of the UK GDPR. These principles should be at the centre of an organisation’s attitude and approach to data security.

These principles are:

  • Fairness, lawfulness and transparency
  • Purpose limitation
  • Accuracy
  • Data minimisation
  • Storage limitation
  • Integrity and confidentiality
  • Accountability

Furthermore, an organisation should not process personal data without a lawful basis for doing so. There are six lawful bases for processing personal data, however, no one lawful basis is more important than the rest.

If a wealth manager data breach has occurred and impacted your personal data in a way that has caused you harm, then you may be able to claim. Get in touch with our team today for free legal advice.

What Percentage of Financial Organisations Had Data Breaches In 2022

The ICO provide statistics that indicate the prevalence of data security incidents reported across the main business sectors. The financial, insurance and credit sector reported 185 incidents during this period:

What Should A Wealth Manager Do After A Data Breach?

After a wealth manager data breach that impacts the rights and freedoms of the data subject, the ICO should be made aware within 72 hours. Furthermore, the data subject should be told about the breach without undue delay.

If you’re concerned about the way a wealth manager is handling your personal data, but they haven’t told you about a breach, you can get in touch with them to raise your concerns.

If you aren’t happy with the organisation’s response in the event of a breach of your personal data, then you can raise your concerns with the ICO. You should do this within three months of your last meaningful communication with the organisation.

The organisation can offer to compensate you for the harm caused by a personal data breach directly. However, if you accept this then you cannot go on to pursue compensation again by making a claim.

We recommend seeking legal advice if you’re interested in making a claim for the harm caused by a personal data breach. Our advisors can offer you free legal advice and may be able to pass you on to one of our solicitors if you have a valid case.

Wealth Manager Data Breach Compensation Calculator

A wealth manager data breach can leave long-lasting and serious problems for the person it impacts. If your claim is successful, you could receive two heads of claim.

Material damages relate to the financial consequences of the data breach. For example, if your bank details were exposed in a breach then this could cause someone to steal money from your account.

It is also possible to seek non-material damages for psychological injury and distress caused by a security incident involving your personal data. A precedent case called Vidal-Hall v Google upheld that psychiatric harm can be compensated in its own right. Before this, you must have experienced financial harm in order to claim for the emotional impact of a breach.

Because of this, legal professionals can use the Judicial College Guidelines 16th edition published in April 2022 to help them assign value to mental harm caused by a data breach. We’ve used excerpts from these guidelines below:

Type of Psychiatric DamageJC Guideline Listed Bracket of Award (and Severity Indicated)Supporting Notes
Psychiatric Damage - General £54,830 to £115,730 - (A) Severe Cases A pronounced level of disability in all areas and poor future prognosis


Psychiatric Damage - General £19,070 to £54,830 - (B) Moderately Severe Cases


Significant issues that create a long-standing disability but with better prognosis than bracket above
Psychiatric Damage - General £5,860 to £19,070 - (C) Moderate CasesA reasonable improvement will have occurred and a positive prognosis.
Psychiatric Damage - General £1,540 to £5,860 - (D) Less Severe CasesAward reflective of how long the disability lasted and the impact it had on normal activities such as work and sleep
Post-Traumatic Stress Disorder (PTSD)£59,860 to £100,670 - (A) Severe DegreePermanently disabling effects that impact all areas of the sufferer's life
Post-Traumatic Stress Disorder (PTSD)£23,150 to £59,860 - (B) Moderately Severe DegreeWhile there will be a better prognosis than in more severe cases as long as professional help is sought, the injured person will be significantly disabled for the foreseeable future.
Post-Traumatic Stress Disorder (PTSD)£8,180 to £23,150 - (C) Moderate DegreeA largely full recovery, any symptoms that persist will not be grossly disabling.
Post-Traumatic Stress Disorder (PTSD)£3,950 to £8,180 - (D) Less Severe Degree


A recovery within 2 years and no significant residual issues

For more information on how much you could receive after a breach of your personal data caused you harm, speak with an advisor today.

Start Your Wealth Manager Data Breach Claim

If you’re interested in making a data breach claim, you might want to do so with the help of a solicitor. Their guidance and support can be very valuable in the claims process. However, you might be hesitant about the process of paying large upfront or ongoing fees to them.

No Win No Fee agreement can benefit you if this is the case. This means that you do not pay anything to them in order for them to start working on your claim or as it progresses.

If your claim is successful, you’ll pay a legally-capped success fee to your lawyer. In the event that it’s unsuccessful, you don’t pay your lawyer for their services.

If you would like to learn more about how we could introduce you to a No Win No Fee solicitor to assess your wealth manager data breach claim, please get in touch using the details below:

Related Financial Service Data Breach Resources

As well as information on your rights after a wealth manager data breach, we are also able to offer reading and guidance on:

We’ve also included the below external resources:

Guide by JW

Edited by FS