How To Sue For An Email Data Breach

The Information Commissioner’s Office (ICO) is a UK watchdog that oversees data protection, and they define a data breach as a security incident that compromises the integrity, availability, or confidentiality of your personal data. This could be a cyber incident, such as someone hacking into a company’s computer, or it could be human error, like a receptionist sending an email to the wrong address.

To sue for an email data breach, you need to be able to prove that:

An organisation, like a bank, or an employer, fails to adhere to data protection laws. For example, if they failed to train their employees on proper data handling techniques.
This failure leads to your personal data being breached. For example, the HR department sends an email containing disciplinary information to the wrong email address.
This causes you both emotional distress and financial losses.

You need to be able to prove all three of these points in order to make a personal data breach claim. However, before we delve into what personal data is and how it can be affected, let’s examine what a personal data breach actually is.

Wrongful Conduct

Wrongful conduct doesn’t just mean that someone did something wrong or illegal. Essentially, it means that the organisation handling your personal data did not comply with important legislations, such as the UK GDPR and the DPA, and this caused the breach. Anyone handling the personal data of UK residents, from an online retailer to a local council, must comply with this legislation.

For more information on how to sue for an email data breach, keep reading. Or, if you’re ready to get started, contact one of our advisors today.

What Is Classed As Personal Data?

Personal data is classed as any information that can be used to identify you, either alone or when used alongside other details. For example, this might include your:

Email address
Phone number
Date of birth
Postal address
Full name
National insurance number

What Is Classed As Special Category Data

Special category data is a subset of personal data that needs extra protection, as per the DPA, because of its sensitive nature. For example, this can include information about your:

Race or ethnicity
Health or medical conditions
Religious or philosophical beliefs
Political beliefs
Sex life or sexual orientation
Trade union membership
Genetic or biometric data

If your personal or special category data was breached through an email, contact us today to find out if you could make a claim. Or, keep reading to learn about the most common causes of email data breaches.

The Common Causes Of Email Data Breach Claims

Some common causes of email data breach claims can include:

Failure to use BCC: Failing to use the blind carbon copy (BCC) means that other recipients on a group email can see that you received it. For example, if a sexual health clinic sent a group email out to all of their HIV positive patients but failed to use the BCC feature, this means that the other recipients could identify you through your email address, causing extreme anxiety.
Sending an email to the wrong address: Those handling your personal data should ensure their records are accurate and up-to-date before sending an email. For example, if a GP surgery sent the results of a pregnancy test over email to a young woman who recently turned 18, but they’d entered her mother’s email address by mistake, this could cause serious emotional distress.
Sending unredacted documents via email: Documents should be redacted as necessary before being sent to avoid exposure of personal data. For example, if a social worker were to send a document over email to a woman’s abusive ex-partner but forgot to redact her new address or phone number, this could allow him to access her new details. In turn, this could cause severe PTSD and may necessitate relocation.

These are just a few examples of how using an email service can contribute to a data breach. Keep reading to find out more about how to sue for an email data breach.

How Much Email Data Breach Compensation Could I Get?

How much email data breach compensation you could get depends on a number of factors, including:

How much evidence you have
How severely you were harmed
Whether you suffered financial losses

A helpful tool when calculating email data breach compensation payouts is the Judicial College Guidelines (JCG). This document contains guideline compensation brackets for various injuries and illnesses, which solicitors can use as a reference.

We’ve provided some examples of these brackets below, as they relate to non-material damage compensation. This compensation covers the psychological impacts of the data breach; for example, a data breach could cause a number of mental health conditions, like anxiety, depression, and post-traumatic stress disorder (PTSD).

Please note that these are only guideline figures, and not guaranteed amounts, and they only apply to non-material damage compensation. It’s also important to note that the first figure in this table is not from the JCG.

Injury	Compensation
Multiple severe instances of mental harm, with financial losses like the cost of counselling and lost earnings.	Up to £250,000+
Severe Psychiatric Damage	£66,920 to £141,240
Moderately Severe Psychiatric Damage	£23,270 to £66,920
Moderate Psychiatric Damage	£7,150 to £23,270
Less Severe Psychiatric Damage	£1,880 to £7,150
Severe PTSD	£73,050 to £122,850
Moderately Severe PTSD	£28,250 to £73,050
Moderate PTSD	£9,980 to £28,250
Less Severe PTSD	£4,820 to £9,980

Can I Claim For Any Financial Losses The Breach Has Caused?

Yes, you can claim back financial losses caused by the breach as material damage compensation. A data breach can result in a significant financial burden, and a payout under this heading can help you recoup the cost of things like:

Counselling and therapy
Relocation if your current address is now unsafe
Travel
Lost earnings due to taking time off work to recover from the psychological effects of the breach

You don’t need to suffer psychological harm in order to claim for the financial losses you’ve endured, but you can claim for both, as long as you have evidence that proves both headings. Contact our team today to learn more, or keep reading for more information on how to sue for an email data breach.

Who Would Pay For My Data Breach Compensation?

The organisation at fault would pay for your compensation if you were to make a successful claim. Most likely, they’ll have insurance in place, which means it won’t come out of pocket.

This can be good to know, because a lot of people worry that making a claim would cause financial hardship for the defendant, especially when they’re claiming against a small organisation or business.

Our team of advisors are here to help. If you have any more questions on how to sue for an email data breach, get in touch with us today.

What Precautions Should I Take After An Email Breach?

There are a number of precautions that you can take after an email data breach, including:

Changing your passwords regularly
Enabling two-factor authentication
Checking your accounts for suspicious activity
Monitoring your bank accounts for fraudulent purchases
Initiating a fraud alert, where relevant, with your bank or credit provider

If you choose to work with a solicitor from our panel, they can help you find more advice on what to do after an email data breach. Keep reading to get information on how a solicitor from our panel could help, or contact us today to get started.

Work With Our Panel Of No Win No Fee Data Breach Solicitors

So, why should you work with a solicitor from our panel? Well, our panel of No Win No Fee data breach solicitors believe that everyone should be able to access high-quality legal help when they need it, without having to pay any exorbitant hourly bills.

Our panel of expert solicitors have decades of combined experience. They use their years of education, experience, and training to provide top-tier legal help to clients all over the country, all under the terms of a No Win No Fee agreement.

Under a Conditional Fee Agreement (CFA), which is a type of No Win No Fee arrangement, you don’t need to pay any solicitor’s fees:

Upfront
While the claim is ongoing
At all if your claim fails

If you successfully claim compensation, then your solicitor will take their success fee from your compensation. But don’t worry; their fee is taken as a percentage of your compensation, which is legally capped. The legal cap helps to make sure that you keep the larger share of what you receive.

Contact Us

So, are you ready to get started? Our team of advisors are waiting for you to get in touch by:

Calling us on 0800 408 7827
Using the live chat feature
Contacting us online

Learn More

For more information on making a data breach compensation claim:

Find out how to sue for a data breach in a post office
Get help with making an NHS data breach claim
Learn how to sue HMRC after a data breach

Or, for further resources:

Guidance on data breaches from the National Cyber Security Centre
Find out where to report a cyber incident from GOV.UK
Learn how to make a complaint to the ICO

Thank you for reading our guide on how to sue for an email data breach.

Advice On How To Sue For An Email Data Breach

Can I Sue If Personal Information Was Breached Via Email?

Contact Us

Frequently Asked Questions