The Information Commissioner’s Office (ICO) has issued their Dixons Carphone data breach fine, and the amount is the maximum penalty available under the old rules.
This was a sustained cyberattack that lasted between July 2017 and April 2018, meaning that it has been dealt with in accordance with the Data Protection Act 1998. The GDPR that could have allowed fines to be up to 4% of a company’s global annual turnover came into effect in May 2018; just weeks after the breach period ended. Had the breach period have lasted longer, a far greater penalty could have been issued. We have seen this with the provisional £183m issued for the British Airways data breach.
We are representing people who are claiming compensation from Dixons Carphone (DSG Retail Ltd) as one of the dozens of data breach group and multi-party actions that our lawyers are fighting for justice in.
For victims to be able to have the best approach for joining the official BA data breach group action, here is some important information that you should know.
In October 2019, the formal Group Litigation Order (GLO) for victims of the 2018 cyberattacks was given the go-ahead by Mr Justice Warby. Since then, and even before, a number of law firms have been marketing their services for victims, which is common. However, this can cause some confusion, and so in the interests of clarity, here is some useful information about the official action; because there is only one.
Having seen previous incidents of law firms missing deadlines and misrepresenting their clients, appointing the right firm is important.
Our work when it comes to data breach compensation actions is becoming increasingly more important in today’s world where it feels like new breaches are taking place all the time.
Traditionally, we have been at the forefront of some of the biggest and most complex group actions in the UK, which are normally medical actions. In 2015, we saw the monumental VW Emissions Scandal that led to us being appointed to the Steering Committee for that particular action.
However, in recent years, our work has steered us in a very different direction.
If you have been affected by the recent Missoma data breach, we may be able to assist you with a data breach compensation claim.
Although we don’t yet know how many people were affected, it is likely that any compensation action for this breach will form as part of a group / multi-party action. This is what we specialise in.
The jewellery brand is understood to be contacting customers affected by the cyberattack, which may go as far back as September 2019. The circumstances surrounding how the breach has happened are remarkably familiar.
We have taken forward a few new group action compensation cases for data breaches in 2019, as the number of events continues to grow.
Now, the majority of the group and multi-party actions that we’re fighting for justice in involve some kind of data issue. This is simply because of the sheer volume of events that are taking place, as well as the fact that the law allows victims to be able to claim damages.
We thought that the introduction of the GDPR would lead to a decline in the number of events, but it feels like this hasn’t been the case so far. Now, more than ever, our work in representing victims for data breaches has never been more important.
Data breach group actions account for most of the group and multi-party actions that we’re involved in. Around three-quarters of the over 40 separate actions we’re representing people for involve some form of leak, breach or hack.
As such, this area of law is a particular specialty of ours.
When we are asked for help, or when we spot a potential data action, our lawyers and legal team act fast in order to see if we can help people. Although organisations can receive substantial fines form the ICO (Information Commissioner’s Office), this money is not used for compensation. For victims to be able to receive justice for what they have had to suffer, we can represent them on a No Win, No Fee basis and launch our own separate legal action.
We have a formal Group Litigation Order (GLO) established for victims of the 2018 cyberattacks that hit BA. It Is called the British Airways Data Event Group Litigation.
It is important to know that there is only one formal GLO for this case. Since news of the GLO forming hit the press, a few other law firms have started to invite people to register claims with them. This includes firms that were not present at the hearing, and it can become a bit of a minefield when it comes to knowing who is best to represent you for a case.
With this in mind, to make sure you are in the picture and avoid any confusion, we will set out some key information about the formal GLO as well as providing an insight into its aims and purpose.
The British Airways data class action is one of over 40 different group and multi-party actions that we’re involved with. If you’ve yet to join it and you want some more advice about it, we can help you.
This particular class action is somewhat of a pioneering one. It’s the first formal Group Litigation Order at the High Court of Justice in London that involves the GDPR that came into force in May 2018. The UK’s data regulator, the Information Commissioner’s Office (ICO), has the power to issue fines that can equate to 4% of a company’s global annual turnover. In fact, they have issued an intent to fine BA £183m; but this is dwarfed by the potential costs of the litigation that could reach £3bn for pay-outs and is entirely separate to the ICO fine.
If you have yet to join the BA Group Action, here’s some more information about what it is and what it entails.
The BA data breach class action is one of over 40 different group and multi-party actions that our lawyers are proudly fighting for justice in.
The BA case is also one of the most prominent ones for us as a firm because it is one of the actions that we represent a large volume of people in. We have been representing BA data breach claimants since news of the incidents first emerged, working on a No Win, No Fee basis for our clients.
If you have yet to start your BA Group Action case, here’s a little about what’s going on and what action you need to take.
Undoubtedly, the provisional British Airways GDPR fine in the sum of £183m, and the group action that could lead to an estimated cost of £3bn, were both avoidable.
All that was needed was for the airline to have had proper cybersecurity measures in place that could have prevented the 2018 cyber-attacks. Given what we know, and the fact that the Information Commissioner’s Office (ICO) has deemed it necessary to issue a fine, this whole scandal could have been avoided.
The fact that the attacks were successful is another example of big corporations being reactive as opposed to proactive. The costs of the fine and the litigation will no doubt serve as clear punishment for the fact that vital data protection laws have been breached. But make no mistake about it, this could have been prevented.
GDPR data breach rights have never been more prevalent in today’s digitalised age, especially when we’re seeing more and more breaches taking place all of the time.
As specialists in group action compensation, a large proportion of the over 40 different group and multi-party actions that we’re involved with now include data protection issues. These range from some of the earliest actions, like the TalkTalk hack and the 56 Dean Street Clinic leak, to huge cases like the BA Data Breach Group Action that we’re on the Steering Committee for.
With this in mind, we wanted to make sure that people are clear on how GDPR affects their rights when it comes to making a claim for compensation.
With the British Airways data breach group action getting the go ahead at the key hearing in early October, here’s a little information about the action and our firm’s position within it.
As a firm, our focus is on group action (sometimes referred to as class action) compensation cases, with consumer rights and data protection two areas of law that we specialise in. The BA Group Action is both a consumer and data protection matter, which is why we decided to take action as soon as news of the cyberattacks hit the media.
Since 2018, we’ve been taking cases forward on a No Win, No Fee basis. Given our participation in the action on the whole, we were appointed to the Steering Committee that’s responsible for the conduct of the litigation. Here’s a little information about the case so far.