Data breaches are on the rise. No organisation, regardless of size or type, is safe. Our expert lawyers help people make successful data breach claims for a variety of different privacy failures.
Too many companies fall short when it comes to data security. This makes it easier for criminals to exploit your data. We help people make successful cybercrime claims against companies that have failed in their data protection responsibilities.
Our expert lawyers help people make a wide range of successful Privacy and GDPR claims after a data protection breach. This includes automated decision-making violations (including in the gig economy) and facial recognition infringements.
Combining legal expertise with experience handling large cases, Keller Lenkner UK represents our clients passionately and diligently.
Having opened a new GDPR rights and data breach division in 2020, Keller Lenkner UK has gained an enviable reputation in data breach and protection law. And, with a team of data protection experts led by Kingsley Hayes – arguably the UK’s foremost data breach solicitor – and considerable multi-claimant expertise, it’s easy to see why.
At Keller Lenkner UK, our team has the passion, skill, persistence, and resources to fight your corner and win.
If an organisation fails to protect your personal and private information, you deserve justice. But concerns about the cost of claiming can stop people from appointing an expert data breach solicitor, and getting the professional legal advice they need.
The Keller Lenkner UK data breach solicitors work for you on a no-win, no-fee basis to ensure you get the expert legal representation you need following a privacy violation. So, if your claim is unsuccessful, you won’t pay a penny towards your case.
At Keller Lenkner UK, we provide efficient, no-nonsense legal services to our clients. We do this by combining the latest technology and a highly trained legal team. But we don’t underestimate the importance of a personal touch, and there is always a UK-based data breach expert at the end of the phone should you need to talk to us.
This commitment to service excellence means we lead the way when delivering client care. Enquiries are dealt with sooner, cases are more thoroughly reviewed, you are never left chasing us for an update, and of course, we get you the maximum compensation possible.
At Keller Lenkner UK, our data protection lawyers deal with many data breach cases every day. Here are just some examples of how we are helping our clients…
*Names have been changed to protect client confidentiality.
At Keller Lenkner UK, our expert data protection lawyers have all the legal expertise needed to take on corporate giants and large organisations and win. In addition to our own legal know-how, we also work with expert barristers to help us win our group action cases.
Click on a link below to find out more about any particular Keller Lenkner UK group action.
Large organisations are smarter and better resourced than ever before when it comes to legal support. And it can be difficult for some law firms to stand up to such strength when representing clients after a data breach or other GDPR violation.
In most cases, personal data breaches are not caused by cybercriminals hacking huge organisations but by simple human mistakes. As a direct result of admin errors and poor data security processes, these privacy violations can cause considerable distress, upset, embarrassment and harm. As such, the consequences of these errors are often far-reaching, and you have a legal right to hold the guilty party to account.
Each data breach case is different, and as your data protection lawyers, we always look at the full and possible long-term impact of a breach when compiling your claim. However, there are some things we always look for when claiming data breach compensation.
With your stolen data, criminals might make purchases using your bank/credit cards, apply for credit in your name, access your existing online accounts (e.g. bank, PayPal etc.) or even set up illegal bank accounts in your name.
You are entitled to claim for any losses you can link directly to the breach of data.
A data breach can have a significant impact on a person’s mental health. Following a violation, it is not uncommon for victims to be diagnosed with stress and other psychological conditions. Likewise, a data breach can exacerbate any existing mental health illnesses.
As a direct result of privacy violations, we have seen people experience stress, fear, anxiety attacks and trauma. Some victims require medication to help them deal with the psychological effects of a breach of trust. Relationships with loved ones can also suffer.
Personal data has value – there is a reason it is commonly found for sale on the dark web after a data breach. So, we must hold organisations to account if they fail to protect our right to data privacy.
A cyberattack happens when criminals illegally access an organisation’s data, for example, by hacking or ransomware. Finding out that criminals have stolen your data can be extremely distressing. Furthermore, following a cyberattack, stolen data is often found for sale on the dark web, so different criminals might try to use your data to commit further crimes against you.
Cybercrime might be big news, but in most instances, data breaches are the result of human error rather than criminal activity. And, for those involved, the experience can be devastating.
When making a GDPR compensation claim, a lack of care or understanding of the law can leave data breach victims open to inferior advice and representation. This could see them lose out financially as a result.
At Keller Lenkner UK, we believe that the best way to make big companies pay for their GDPR failures is to use specialist data breach solicitors. However, with data protection law a relatively new field, it can be tricky to find data breach solicitors with proven experience in this area.
At Keller Lenkner UK, our data breach solicitors are true experts in GDPR law.
At Keller Lenkner UK, our expert data breach solicitors help our clients get the compensation they deserve following data protection breaches, cybercrime, and other GDPR offences. We know what it talks to make a successful data protection claim and we have all the legal expertise and resources needed to take on big players such as Ticketmaster, BA, EasyJet, and Equifax (amongst others). So, if you appoint Keller Lenkner UK, our data breach solicitors will give you the best chance of success.
In some cases, where a data breach occurs, you will not be the only victim. In these instances, you might be able to join a group action claim. With strength in numbers, a group action increases the chances of success for all the claimants. At Keller Lenkner UK, we have all the expertise and resources needed to stand up to the corporate giants via group actions. And our data breach solicitors do not just even the score – we take the fight to them.
Our expert data breach solicitors help people make successful data breach claims after the theft, loss, or misuse of their personal information. Each data breach case is different, but as your data breach solicitors, we always look at the full and possible long-term impact of a breach when compiling your claim. This means we get you the maximum compensation possible.
As data privacy violations continue to rise, so too do data breach compensation claims. Nevertheless, some people still think that making a GDPR compensation claim is opportunist. With data breaches causing suffering and distress to people across the UK, this could not be further from the truth.
Of course, if you lose out financially after a data breach, you must get back what you are owed. But what many people do not understand is that the emotional impact on victims can be just as devastating.
Downplaying the impact of a data breach compensation claim is disrespectful to the victims. Furthermore, the amount of information we share with organisations leaves us all open to the threat of financial and identity fraud if this falls into the wrong hands. So, organisations must be held to account if they fail to protect our personal data as they are required to do so by law.
Claiming compensation can help victims get the justice they deserve. But more than that, it could also force organisations to take data protection seriously and implement more secure processes.
Victims of data breaches often become the target of cybercriminals. So, following a privacy violation, before you do anything else, it is essential to take steps to keep yourself safe.
As well as following any security instructions provided by the organisation that breached your data, here are some top tips to prevent the impact of a data breach from escalating.
Contact your bank/credit card provider ASAP if your financial data has been exposed. They will provide advice on what to do next.
Check all bills, statements and emails for unfamiliar transactions and alert your bank/credit card provider immediately if there is any suspicious activity.
Call the credit reference agencies (Credit, Experian, and Equifax) to ensure criminals do not take out credit in your name. You should also monitor your credit score for any unexpected dips.
Do not provide your PIN or full password to anyone (even someone claiming to be from your bank).
Do not been pressured into moving money to another account “for fraud reasons”. A legitimate financial organisation will not ask you to do this.
Do not assume an email, letter, text, or phone call is authentic just because someone has your details. They could have got hold of these in the data breach.
Beware of scare tactics that try to trick you into revealing your security details, or which encourage you to act in a way that puts you in danger. A responsible organisation will not force you to make a financial transaction then and there.
Know that cybercriminals can make a phone call or email appear to come from a trusted person/organisation. You can always contact the organisation in question on a number you know and trust to check if a communication is genuine.
Listen to your instincts in case anything feels “off” and stop any discussions if you feel at all unsure.
Beware any communications that refer you to a web page asking for personal data.
Do not click on any suspicious links or downloads in emails or texts.
Do not accept friend requests from people you do not know on social media and review your online privacy settings.
Register with the Cifas protective registration service to slow down any credit applications made in your name.
Change your passwords and do not use the same password for more than one account (a password manager can help with this).
Protect your devices with up-to-date internet security software.
Use 2FA and other security measures where available.
There are no set amounts awarded for a data breach claim. If you go to court, the judge will consider all the circumstances, including the seriousness of the breach and the impact on you. However, it is important that your data breach solicitor knows what to claim for. Inexperienced solicitors might not understand the full and lasting impact a data breach can have on a person.
Each case is judged on its own merits, but there are some things to consider when claiming compensation for a data breach.
With stolen personal data, criminals can buy things using your bank and credit cards, apply for credit in your name, set up illegal bank accounts and log in to your existing online account.
What this might involve:
Any money lost (e.g. if a criminal made a purchase using your bank card or stole funds from your account).
Any loss of earnings as a direct result of the breach (e.g. if you needed time off work or lost your job because of the impact of the breach).
The loss of future earnings (e.g. if you had to drop out of university).
Any expenses that you had to pay because of the data breach (e.g. private medical care, travel expenses, accommodation, etc.).
A data breach can have a considerable impact on you, both mentally and physically. It is not unusual for a data breach to cause or exacerbate anxiety, stress, and other psychological conditions.
What this might involve:
Stress, worry, and anxiety.
Any recognised psychological injury.
The effect that the leak had on your social and home life.
Your data is valuable, and organisations must be held to account if they do not uphold their data protection responsibilities towards you.
What this might involve:
The loss of privacy itself.
At Keller Lenkner UK, we deal with a huge range of data breach cases. The most common reasons for a data breach are where:
Data has been inadvertently lost or leaked.
Personal data has been erroneously used and/or sent to a third party without permission.
Financial data or an identity has been stolen to carry out theft/fraud.
An organisation failed to maintain up-to-date, accurate information and this caused damage.
Personal information has been misused or mishandled.
Anyone who has had their personal information put at risk by an organisation might be able to make a data breach compensation claim.
Under GDPR, organisations who experience a data breach that is likely to affect the rights and freedoms of those involved must inform these people without undue delay. So, if you are a data breach victim, you should be contacted by the offending organisation to let you know.
However, this does not always happen. As such, it is worth keeping an eye out to see if your information is at risk. There are online tools that can help you to do this such as https://haveibeenpwned.com/
Furthermore, if you suspect a particular breach might have exposed your personally identifiable information (PII), you have the right to ask the offending party to confirm whether your suspicions are correct. This is called making a Subject Access Request.
In some cases, where a data breach occurs, you will not be the only victim. In these instances, you might be able to join a group action claim. Because there is strength in numbers, a group action (also called a class action or multi-party action) helps to even the playing field between large organisations and individual claimants. So, a group action usually makes a big organisation take the matter more seriously. This increases the chances of success for the claimants.
Personal data is any information about a person that could be used to identify them, either on its own or in combination with other information. For example, a name, email address or even an IP address.
Personal data also includes extremely sensitive information such as medical records, details about a person’s political or religious leanings, and criminal convictions.
You can make a data breach claim with Keller Lenkner UK, regardless of whether an organisation only breached your information, or if your data was involved in a large data breach involving multiple people.
A group action data breach compensation claim is where a group of people – sometimes even thousands of people – have been affected by the same issue. Group action cases are also known as class actions or multi-claimant actions. The main benefit of a group action is that it provides strength in numbers. Furthermore, just because your case is part of a group action does not mean that you will receive the same amount of compensation as everyone else. Your claim will be based on your experience and, if successful, you will receive what you are owed.
At Keller Lenkner UK, we are currently running several group action data breach claims.
To avoid falling foul of data protection rules, organisations MUST tell you if they have breached your personal data “without undue delay”. However, in reality, this does not always happen.
If you suspect your data has been breached, but you have not heard from the company you think failed to protect it, you can make a subject access request (SAR) to find out if your information was involved in a privacy violation. You can also contact the ICO if an organisation fails to respond to a SAR, or if it does not do so adequately.
Keller Lenkner UK is one of the most experienced multi-claimant law firms in England and Wales.
Furthermore, our data breach team boasts some of the most skilled data breach lawyers, and we are used to winning for clients against well-funded corporates and in complicated multi-claimant and group actions.
Ultimately, our team has the experience, diligence and means to fight your corner and win.
Partner and Head of Data Breach, Kingsley Hayes, highlights the pitfalls of automated decision making and explains the importance of GDPR compliance when relying on algorithms to make decisions. Kingsley’s article was published in ITNow, 17 May 2022, and can be found here. The relationship
Computer Weekly published an article reporting on the Parasol umbrella company data breach in which cybercriminals accessed the personal information of contractors and employees. On