What Is A Password Data Breach Claim And When Could I Seek Compensation?

This guide examines when you could make a password data breach claim. It provides information on the eligibility criteria that must be met and the time limits within which the claim must be made. We have also provided some examples of data breaches to illustrate not only how your password could be lost or stolen but also the impacts this could have on you.

Data breach compensation will be awarded should your claim be successful. This guide includes an explanation of the types of damage such compensation could be paid out for with an overview of how settlements are calculated to aid your understanding.

Towards the end of this guide, we explore the No Win No Fee contract under which the experienced data breach solicitors from our panel can offer their services.

To find out if you are eligible to claim data breach compensation or to ask any questions you may have concerning data protection law, contact our advisors without delay. The team are available all day every day and can be reached using the contact information provided here:

  • Call the team on 0161 696 9685.
  • You can also contact us through our website.
  • Alternatively, click the live chat button on your screen for a fast response to your queries

Passwords being stolen from a laptop with a magnet.

Select A Section

  1. What Is A Password Data Breach Claim?
  2. Who Could Claim For A Password Data Breach?
  3. How Could Data Breaches Impact You?
  4. Calculating The Value Of Data Breach Compensation Payouts
  5. Check How No Win No Fee Data Breach Solicitors Could Help You
  6. More Resources About Making A Password Data Breach Claim

What Is A Password Data Breach Claim?

Passwords are combinations of letters and numbers used to secure user access to a website, device, or mobile app. Password data breaches can occur when passwords are lost, unauthorised persons gain access to passwords, or related security information. 

Per the Information Commissioner’s Office (ICO), the UK’s independent body for the upholding of information rights, personal data is any information that relates to an identifiable natural person.

Personal data breaches are security incidents that are defined in general terms by the ICO as compromising of the integrity, confidentiality or availability of personal data. While an exposed password may not in itself be grounds for a claim, unauthorised third parties could use it to access personal data that the password was protecting. 

To find out more about who is eligible to make a password data breach claim, use the contact information provided above to talk to one of our dedicated advisors.

Who Could Claim For A Password Data Breach?

There are three parties relevant to any data breach claim. The organisation that decides how, when, and why your personal data will be processed is referred to as the data controller. Data controllers may use the services of external parties to process personal data. These parties are known as data processors, although not every controller will use external services. The individuals to whom the personal data relates are known as the data subjects.

Data controllers and processors have certain obligations under data protection law, namely the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA). Failure by either party to uphold these obligations could result in your password being compromised and unlawful access to the personal data behind it.

In order to begin a data breach compensation claim, the following criteria will need to be met:

  1. There was a positive wrongful conduct on the part of either the data controller or processor. This means they failed to adhere to data protection laws, namely the UK GDPR and DPA.
  2. This wrongful conduct resulted in a data breach in which your personal data was affected.
  3. The exposure of your personal data caused you to suffer monetary losses, psychiatric harm or both. 

To find out about what information is protected by the GDPR or to get your eligibility to begin a password data breach claim assessed, speak to one of our advisors. The team are available 24 hours a day, 7 days a week using the contact information provided above. 

Time Limits In A Password Data Breach Claim

The time limit for a typical data breach claim is 6 years. This means that any claim must be made within 6 years of being notified of the breach. This limitation period is reduced to 1 year if you are claiming against a public body. 

For further guidance on the time limits, contact our advisors using the number given above.A person pressing a key labelled data breaches and reporting on a keyboard.

How Could Data Breaches Impact You?

The impacts of all data breaches can be severe, including substantial financial losses and/or significant psychological damage. Below we have provided a few brief scenarios examining how a password data breach could occur, such as through human error, and the impacts it could have.

  • A failure of your pension provider to utilise adequate security measures resulted in criminal organisations gaining access to your pension password in a cyber attack. Money was subsequently stolen from your pension fund.
  • A human resources staff member at your place of work failed to lock away physical documents containing HR security information at the end of the day. This document was stolen during a break-in, and unauthorised persons gained access to passwords that allowed them access to the company system containing the personal data of multiple staff members, including yourself. As a result, you suffered substantial psychological distress.
  • A letter containing information about your online bank details, including your password, is sent to the wrong address. As a result, access is gained to your bank accounts and money is stolen.

There are multiple circumstances that could arise where your personal data is compromised due to passwords being lost or stolen. Our team of advisors can assess your eligibility to begin a data breach claim in your particular circumstances. Contact them today using the number given below.

Calculating The Value Of Data Breach Compensation Payouts

A successful password data breach claim will result in a compensation payout. This payout could be awarded to compensate for up to two different types of damage. Material damage refers to the financial harm you suffered as a result of a personal data breach. Non-material damage is the psychological impact of a data breach, such as stress and anxiety, as well as potentially more severe consequences, such as serious psychiatric harm and post-traumatic stress disorder (PTSD). 

If you instruct a solicitor from our expert panel to represent you in your claim, one of the many tasks they can undertake is calculating a potential compensation figure. Those tasked with reaching a potential value for non-material damage in your claim can refer to the Judicial College Guidelines (JCG) alongside medical evidence, such as your medical records.

The JCG publication contains detailed information for a variety of different injuries as well as guideline compensation figures for each. We have used the JCG entries for psychiatric harm and PTSD in our compensation table. 

Compensation Table

Please take note that this table is intended for guidance purposes only due to the individual nature of data breach claims. Also, the top entry is not a JCG figure.

Type of HarmSeverityCompensation Amount (Guideline Figure)Notes
Very Serious Psychological Harm and Substantial Financial DamageVery SeriousUp to £250,000 and above.Compensation for very serious psychiatric harm in addition to significant financial impacts in the form of lost earnings, stolen funds and other material damage.
Psychological Harm GenerallySevere (a)£54,830 to £115,730Severe problems affecting multiple areas of life, such as the injured person's ability to cope with daily life and personal relationships with a very poor prognosis.
Moderately Severe (b)£19,070 to £54,830This bracket includes cases with a much more optimistic prognosis than in (a) although the injured person will still be experiencing significant problems across multiple areas of life.
Moderate (c)£5,860 to £19,070The injured person have undergone substantial improvement with regard to their ability to cope with life and have a positive prognosis.
Less Severe (d)£1,540 to £5,860Awards in this bracket will consider factors such as the effect on sleeping patterns and daily activities, as well as the length of the disability period.
Post Traumatic Stress DisorderSevere (a)£59,860 to £100,670Permanent and serious effects across all aspects of life preventing the person from functioning at anything resembling the pre-trauma level.
Moderately Severe (b)£23,150 to £59,860This bracket involves a more optimistic prognosis than in (a). Nevertheless the injured person will be experiencing significant disability for the foreseeable future.
Moderate (c)£8,180 to £23,150Cases where the injured person has mostly recovered and is not experiencing any gross disablement from continuing effects.
Less Severe (d)£3,950 to £8,180A virtually full recovery within 2 years and only minor persisting symptoms over a longer period.

Material Damage

You may also receive compensation for any material damage suffered due to the data breach. As mentioned, this refers to financial loss. Examples of material damage could include money being stolen from your bank account or pension fund, fraudulent purchases being made in your name using your bank or credit card details, and the subsequent negative impacts on your credit score.

You should gather evidence to support these losses, such as bank statements and credit reports.

This section aims to provided you with a greater idea of how compensation figures in data breach claims are calculated. For a more detailed estimate of the potential value of your data breach claim, talk to our advisors using the details given below.

Check How No Win No Fee Data Breach Solicitors Could Help You

Our advisors can provide free advice regarding the password data breach claims process. They can also offer an eligibility assessment at no cost to you. If your potential claim is deemed valid, then our advisors could connect you with a specialist data breach solicitor from our expert panel.

They can offer a type of No Win No Fee contract. The particular agreement the solicitors on our panel can offer you is known as a Conditional Fee Agreement (CFA). With such a contract, claimants benefit from some distinct features, including not paying any fees at the start of or during their claim for the solicitor’s services. You will also not incur a fee for these services should the claim fail.

Should your data breach claim succeed, you will receive a compensation payout for the damage you suffered. Prior to the start of your claim, you and the solicitor will have agreed upon a success fee. This fee is deductible as a percentage of your compensation award if the solicitor wins the claim. As The Conditional Fee Agreements Order 2013 imposes a legally binding cap on the percentage that can be charged, you will keep most of any compensation that is paid out.

To ask any questions that may have arisen during your reading of this guide, or to voice any concerns you might have about starting a claim, talk to a member of our dedicated advisory team today. Our advisors can also offer a free consultation regarding your eligibility to start a password data breach claim. You can reach an advisor at any time of day via the following:

  • Call the team on 0161 696 9685.
  • You can also contact us through our website.
  • Alternatively, click the live chat button on your screen for a fast response to your queries.

A specialist data breach solicitor shaking hands with his client at a desk, with a gavel hammer and set of scales in the foreground. They are discussing a password data breach claim.

More Resources About Making A Password Data Breach Claim

You can read more about data breach claims by following these links:

We have also provided these external resources for additional information:

  • The National Cyber Security Centre Has published this information for individuals and families to help them protect themselves from cyber security threats.
  • As a data subject you can make a complaint to the Information Commissioner’s Office at any time if you have concerns about how a data controller is handling your personal data.
  • A personal data breach can have an impact on your mental health. You can access a broad variety of mental health resources, guidance and support through the NHS website.

Thank you for reading our guide to making a password data breach claim. You can discuss personal data breach claims at greater length by speaking to our advisors. In addition to providing further guidance on the subject, our team offer a cost free assessment of your eligibility to claim. Get in touch today using the information given above.