Wisepay data breach

Wisepay data breach affects over 300 school systems

Sign-up to one of our many Group Actions today - use our quick and easy form to start your claim for compensation.

Begin Your Group Action Claim Today
Please note we are unable to proceed with claims involving BMW, Dacia, Ford, Honda, MINI, Mercedes-Benz & Mitsubishi.
The deadline for claims for EA189 engines passed in 2018, and claims settled in 2022. We are unable to take any claims on for vehicles with EA189 engines. We are able to take on claims for newer engine types that are NOT EA189 engines.
Our claims team will call you back at a time that's suitable to you.
Your privacy is extremely important to us.
Information on how we handle your data is in our Privacy Policy
solicitors regulation authority

Wisepay data breach affects over 300 school systems

The Wisepay data breach occurred between late evening on 2nd October and 10am on 5th October 2020.

It is understood that the school payments system was hacked over the weekend in question, meaning that parents’ sensitive information has been exposed. The Wisepay data breach is said to have affected around 300 school payment systems across the two-day period. The breach may have affected any parents who inputted their details into the payment page on their schools’ systems.

Wisepay took down their site as soon as the breach was discovered at 10am on the 5th October and have stated that only a small number of parents should have been affected as their system does not require daily payments.

Information exposed in the Wisepay data breach

We understand that the hackers were able to modify the Wisepay payments page to send users to their own ‘spoof’ payment page. This means that users could be directly imputing their card details into the hacker’s website, not the Wisepay one as they would have thought. This means that the hacker had access to card details of all the attempted payments made over the weekend, leaving victims open to fraudulent attacks by the cybercriminal(s).

In a letter to schools, Wisepay has said it does not store any payment information itself and none of their own records were leaked. It was explained to parents that, if they did not attempt to make a payment to one of the 300 affected schools between 2nd and 5th October, it is most likely that they will have not been affected.

What do I do if my card information was stolen?

If your card information has been stolen in the Wisepay data breach, it is important to cancel or pause the card you used and to monitor your account for any fraudulent activity that may have occurred since the incident. Speak to your bank or building society the relevant company involving the card and seek their advice and instruction also.

In the letter to schools, Wisepay warned parents who think they might have been affected by the Wisepay data breach to pause or cancel the payment cards they used on their site. Also, in a pre-emptive attempt to stop the hackers, they also said to change any online banking passwords that relate to their Wisepay account as well.

It is important to note that, if your data has been stolen in the Wisepay data breach, you could be eligible to make a compensation claim with the Group Action Lawyers.

Start your data breach claim

If you have been a victim of the Wisepay data breach, you could be eligible to claim compensation with the Group Action Lawyers.

If you have been subject to any fraudulent activity as a result of the breach, you could claim compensation for any money lost. We can also look at the distress and loss of amenity caused by the loss of control of your personal data, as well as any financial losses or expenses incurred as a result of the breach too.

We have helped thousands of victims recover millions in damages across a range of multi-party and group action claims, and our expert legal team is here to help you next.

Contact us today to discuss your potential case on a free and no-obligation basis.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.