My Data Privacy Was Breached By TalkTalk, Could I Claim Compensation?
This guide about data protection breach claims against TalkTalk aims to give you information to help.
When we share personal information with a company, we have the expectation that they will make sure that it is kept safe. If a data breach happens and your personal information is accessed, it could put you at risk of consequences such as identity theft, fraud, or mental harm.
If you suffered psychologically or financially due to a personal data breach, it could be possible to make a data protection breach compensation claim. Our panel of lawyers could help you to do that.
Do you have proof of a justifiable claim and would like to speak to one of our advisors? You can reach them whenever is best for you because they’re available 24/7.
You could use our ‘contact us‘ to ask for a callback. There is also a chat messenger that has already popped up on your screen that you can use to speak to our advisors. Alternatively, call us on 0161 696 9685.
Select A Section
- A Guide On Data Protection Breach Claims Against TalkTalk
- What Are Data Protection Breach Claims Against TalkTalk?
- How Does The GDPR Affect Sharing With Third Parties?
- Details Of The TalkTalk Cyber Attack And Data Breach
- Calculating Compensation Amounts For A Data Breach By TalkTalk
- Examples Of Damages Awarded To Victims Of Data Breaches
- When And How To Report A Data Breach To The Information Commissioner
- Make A Data Protection Breach Claim Against TalkTalk With A No Win No Fee Solicitor
- When A Data Breach Lawyer Could Help You
- How To Start Your Data Breach Claim Against TalkTalk
- Contact A Solicitor
- Common FAQs People Ask About Data Breach Claims
- Where To Learn More
This guide aims to help you understand what you need to do in order to successfully claim compensation for a data breach. We’re going to go through data breach laws and what you are entitled to in terms of the protection of your personal data.
To help demonstrate this, we will also go over a real-life data breach that involved TalkTalk customers. We will also show you our compensation calculator table so that you can gauge the amount of money you could be entitled to claim.
We will also be explaining some of the advantages of working with a data breach solicitor when making your claim. This guide also contains a number of links to other pages on our website as well as on other websites so that you can further read through resources on data protection law and data protection compensation claims.
This guide on data protection breach claims against TalkTalk aims to help. However, if you have any questions about it, reach out to our advisors. They’re available 24/7 and offer free legal advice.
A data protection breach claim is a kind of legal action. It is essentially a request for compensation for the financial or mental harm that the breach caused you.
If you are able to provide evidence that the company you are claiming against was responsible for the breach and your suffering then you could be awarded compensation.
A data breach starts with a breach of security. This then leads to the unauthorised or unlawful access, alteration, disclosure, loss or destruction of your personal data.
A company that decides why and how your data will be used is a data controller. The company that (sometimes) processes data on their behalf is a data processor. A data subject is a person whose data is collected and processed.
Data controllers can breach your data privacy by accident. Or a hacker, for example, may access your personal information deliberately. The company that holds or processes your personal data should take reasonable lengths to protect it.
There are a number of different circumstances in which a personal data breach could happen. They include the below.
- Personal data is lost by the company.
- It is shared with other third parties without your permission or a lawful reason.
- It’s accessed by other third parties due to a cyber attack.
- It is misused for contacting you without your consent.
There is legislation with strict outlines of what companies are required to do with their customer’s personal data. The General Data Protection Regulation (GDPR) is one such piece of legislation. This is a European Union law that is enacted in the UK via the Data Protection Act 2018.
Breaking the GDPR could lead to a personal data breach. Also, the company could receive a fine.
Data controllers should adhere to the below seven principles. They should:
- Only use methods that are lawful, transparent, and fair for collecting their customer’s data.
- Use this data for the reasons they have made explicitly clear to the customer. (However, if they need to share the data with third parties for lawful reasons without your consent, they can.)
- Only collect the data that they need for the explicitly stated reasons.
- Ensure that the data they keep is accurate and accessible to the customer.
- Ensure that the data is disposed of once it is no longer needed.
- Hold the data securely.
- Provide evidence that these conditions have all been adhered to.
If you have any questions on this guide exploring potential data protection breach claims against TalkTalk, why not get in touch?
TalkTalk was the subject of a major investigation by the Information Commissioner’s Office following a data breach in 2015. The Information Commissioner’s Office (ICO) is an authority in the UK that enforces data protection laws.
Due to a vulnerability in a series of web pages operated by TalkTalk, cyber-attackers were able to access the personal details of over 150,000 individuals. Over 15,000 people had their bank account details accessed.
Due to the severity of the data breach, the ICO issued a £400,000 fine to TalkTalk. The fine was reduced to £320,000 in practice due to the company voluntarily paying the fine ahead of the scheduled deadline. To learn more about this breach, you can read through a timeline of events on the ICO website.
The cost of a personal data breach can vary from case to case. In some cases, victims of a data breach can become victims of theft, fraud or blackmail. It can potentially cost individuals large amounts of money.
The threat of this alone could cause harm to the victim by causing them stress and anxiety. Even if none of the possible outcomes comes to pass, the mental distress alone can make a claimant entitled to claim compensation.
Working out the value of compensation for mental distress can be done in accordance with guidelines set out by the Judicial College. These guidelines are used by solicitors to help them value physical and mental injuries.
Greater sums of money could be claimed for more severe forms of mental harm resulting from a data breach.
To see what these guidelines say about different kinds of mental health damage, you can see the compensation table below. It does not show the final amounts of compensation you could win, but it can help you to get a picture of the amount of money that you may be entitled to claim for psychological suffering. This is known as non-material damages.
|Severe psychiatric damage||£51,460 to £108,620|
|Moderately severe psychiatric damage||£17,900 to £51,460|
|Moderate psychiatric damage||£5,500 to £17,900|
|Less severe psychiatric damage||Up to £5,500|
|Severe PTSD||£56,180 to £94,470|
|Moderately severe PTSD||£21,730 to £56,180|
|Moderate PTSD||£7,680 to £21,730|
|Less severe PTSD||Up to £7,680|
If you can’t align your suffering with anything listed in the compensation table above, get in touch. Our advisors could help you understand what you might be entitled to. And they offer these estimations for free.
In the next section of our guide to data protection breach claims against TalkTalk, we look at material damages too. These compensate you for financial loss.
Mental harm is just one example of how a personal data breach could impact a data subject. You could also suffer financially. A data breach could make you vulnerable to losing money. Here are some ways that this could happen.
- Losing access to your bank accounts and being unable to withdraw or transfer money.
- Having your bank accounts stolen from by someone who should not have had access to your banking details.
- An unauthorised person using your banking or credit card details to make purchases.
- Having to take unpaid time off work due to stress relating to the data breach.
Part of your compensation claim could include claiming back the money you have lost due to the personal data breach. This compensation is material damages.
To recover the losses, you will have to provide proof. This can come in the form of bank statements, wage slips, conversations you have had with your bank, and so on. This is in order to calculate a specific amount of money to claim and to prove that you really have lost money because of the breach.
One thing that you can attempt instead of, or prior to, making a compensation claim is to make a complaint to the Information Commissioner’s Office. The ICO was mentioned in an earlier section on the TalkTalk breach in 2015. It is the regulator that handles data breach cases in the UK. It is the public body authorised to conduct investigations, demand information from companies under investigation and, where necessary, hand out fines to those who have breached data protection laws.
The ICO ask that you first contact the company (data controller) directly. You could be able to find a resolution before anyone needs to intervene. If, however, the response from the company is unsatisfactory, you could contact the ICO.
You should contact the ICO if it has been less than three months since you stopped having contact with the company about the breach. Waiting for any longer could impact the decisions the ICO makes.
The ICO could carry out an investigation to discern whether or not there has been wrongdoing. They could make the company pay a fine.
However, if you do not wish to make an ICO complaint, or if they do not provide you with a satisfactory response, you could still come to us to discuss making a compensation claim. The ICO can’t help you seek compensation. But, if you have a favourable claim with evidence, our panel of solicitors could.
Your situation may well be stressful enough as it is if you have experienced a data breach and, with it, the potential loss of your money. You may not want the added possible pressure of claiming alone. Moreover, you may not want the financial worry of having to pay a solicitor their fees if your case loses. That’s where No Win No Fee agreements can help.
Under No Win No Fee, the solicitor agrees to only receive their fees if the case wins. Your solicitor would be paid a ‘success fee’ out of the money that is awarded to you as a result of a successful claim. This success fee is capped by law and is a small percentage.
No Win No Fee solicitors do not generally take on a case if they feel that there’s a considerable risk of it not succeeding. So if your claim is accepted under these circumstances, it should be a good sign.
If you would like further information about how No Win No Fee works, please call our advisors.
We have created this guide to provide you with information on the justifications behind data protection breach claims against TalkTalk. If you have questions, why not get in touch?
If you believe that you may have been the victim of a data breach, then you could contact a lawyer. A good lawyer should have the experience, knowledge, and training needed to make a claim.
Solicitors should be able to:
- Calculate how much compensation you could claim.
- Help you put together evidence.
- Represent you in the unlikely event that the case goes to court.
If you work with our panel of lawyers, you could make a No Win No Fee claim, which we described earlier. You could also work with our panel remotely so that you don’t have to limit your options to lawyers that are based near you.
To start with, you may attempt to contact TalkTalk about your situation. You may wish to give them the chance to try and rectify the situation. Once you have done this, and you don’t receive a satisfactory response, you have two options.
You could first attempt to make an ICO complaint as we have discussed. However, doing this won’t mean you’re claiming compensation. You’ll just be lodging a complaint.
You could have a conversation with one of our advisors who could tell you about your claim’s chances of success. They could off a free estimate of the amount of compensation you could be awarded. They could talk you through the entire claims process and, of course, connect you with our panel.
If you want to speak to one of our advisors, then you can reach us through:
- Our online enquiry page for booking callbacks at a time that suits you.
- The chatbox at the bottom of the screen that has already popped up for you.
- Calling us on 0161 696 9685.
What is the GDPR?
The GDPR is the General Data Protection Regulation. It is the set of legal principles. The Data Protection Act 2018 enacts it into UK law. These are the rules that companies have to follow when it comes to the processing of personal data.
What are my rights if my data has been breached?
You could be entitled to claim compensation if your data privacy has been breached and you can prove you suffered financial loss or psychological damage.
What can I do if my data has been breached?
You could contact the company directly and make a complaint. After that, if the situation isn’t resolved, you could make an ICO report. If you suffer mentally or financially because of the breach, you could contact us to make a compensation claim.
What are the consequences of a data breach?
A data breach could put you in danger of having money stolen from your account. Your credit card details could be misused and you may suffer from severe mental distress. However, it depends on what information was accessed.
Here are some other guides on other pages of our site for you to get more information from.
Our guide to making a claim against your employer for a data breach: Employer Breach Of The Data Protection Act, What Are My Rights?
Our general guide to GDPR data breach claims: GDPR breach claims with a solicitor
Our guide to making a data breach claim against a police force: Police data breach claims
Government information on data protection breaches: Make a complaint
The ICO’s definition of personal data breaches
Thank you for reading our guide exploring potential data protection breach claims against TalkTalk.
Written by JY
Edited by RV