Business & Retail
Data Breach Claims

Your data is a valuable commodity, but many businesses are not protecting this as well as they should do. If you have been the victim of a data breach, we can help.

Get justice for a business or retail data breach

We all trust businesses with our personal data in return for products and services. But we expect these companies to have the knowledge and ability to handle our information securely. Unfortunately, all too often, this is not the case, and our data privacy is being violated.

The truth is that most breaches are preventable. Companies just do not like investing in cybersecurity, updating their systems, or training their staff. And, while many companies are using online shopping and in-store technology to boost profits and make the buying process easier, when moving to a digital model, many organistions do not make protecting customers from online fraud a priority.

All kinds of businesses are experiencing data breaches. This includes:

Airlines. Airlines are letting customers down and there has been a massive increase in the number of passenger air transportation data breaches.

Retailers. With several high-profile retail data breaches hitting the headlines, shopper trust is arguably at a long time low. And, every day, smaller retail data breaches are affecting individuals across the UK.

Technology companies. As the UK adopts new technology and apps, the need for robust security measures to protect personally identifiable information is often being overlooked.

Financial businesses. Our financial data is a lucrative target for hackers. But, in most cases, financial data breaches occur because of simple human errors and poor data security processes.

Regardless of the business type, organisations must invest in robust security measures to eradicate any security vulnerabilities and keep their customers safe. Until this happens, data breaches will continue to rise, and people will be forced to make compensation claims to recoup their losses, uphold their data privacy rights, and ensure that businesses implement more secure processes.

If you have been a victim of a business or retail data breach, we can help you make a no-win, no-fee claim for compensation.

Contact us today for a free, no-obligation, assessment of your case.

Cases we handle at Keller Lenkner UK

At Keller Lenkner UK, our data protection lawyers deal with a wide range of business and retail data breach cases every day.

Keller Lenkner UK has gained an enviable reputation in data breach law. And, with a team of data breach experts led by Kingsley Hayes – arguably the UK’s foremost data breach solicitor – and considerable expertise in this field, it’s easy to see why. Here are just some examples of the business and retail cases our data protection lawyers have dealt with…

John’s* complainant data breach

John made a complaint to a business regarding the standard of its service. The company posted this complaint online in error. This included John’s personal details and a copy of his correspondence.

This personal data was publicly available online for several years before the mistake was spotted. 

We are helping John to claim compensation for this breach of his privacy.

Stephen’s* gym data breach

Criminals targeted Stephen’s gym in a cyber-attack. As a result of the attack, his personal and financial data was breached. This included his bank account information (account number and sort code).

Whilst he has not yet been the victim of financial theft, Stephen is now at a greater risk of fraud, theft, and scams, and his emotional health has suffered as a result.

We are helping Stephen claim compensation for the distress and data privacy suffered because of this breach.

Marijke’s* credit provider data breach

Marijke took out credit from a reputable online provider. Cybercriminals targeted the company, and her personal data was accessed by the hackers.

As well as her name and contact details, the cybercriminals also got hold of her credit report information. Marijke is now a potential target for fraud and theft, and this has caused her significant emotional distress.

We are helping Marijke claim compensation for the distress and data privacy suffered because of this breach.

*Names have been changed to protect client confidentiality.

Our current business & retail actions

In some cases, you won’t be the only person to experience the data breach. In these instances, it might be worth joining a group action. Our current business and retail group actions include:

Man walking through hotel lobby with suitcase and looking at his phone

Chedi Hotel

Guests at the Chedi Muscat are at risk following a ransomware attack
You might not know that you are affected. But if you are, you could be due compensation.

Read More »


The DVLA makes money selling the names and addresses of registered vehicle owners to private parking companies so they can issue fines. If you have been issued with a parking charge notice you could be affected and due compensation.

Read More »


LinkedIn has suffered a massive data breach affecting 700 million people. In total, 92% of LinkedIn users are reportedly affected by this breach. The stolen data includes salary information.

Read More »


In January 2021, London-based estate agent Foxtons discovered that it had experienced a huge data breach. But, despite an investigation finding 16,000 card details, addresses and correspondence related to this breach on the dark web, Foxtons did not tell its customers that criminals had accessed and exposed their data.

Read More »


In November 2019, T-Mobile suffered a severe data breach. Over a million pre-paid customers are believed to be affected. T-Mobile was very unforthcoming about the data hack and did not provide additional information at the time of the breach.

Read More »


In June 2018, Ticketmaster admitted to a huge data breach. The breach happened after a supplier to Ticketmaster was infected with malicious software while having access to the Ticketmaster website. The Ticketmaster data breach affects up to 40,000 people.

Read More »

Why claim business & retail data breach compensation?

Hold businesses to account for failing to protect your private information.

Receive financial compensation for your losses.

Force businesses to implement better data security.

Why use Keller Lenkner UK to make a claim?

We are one of the most experienced multi-claimant law firms in the UK.

We represent clients in group actions and individual cases with innovation, resources, and expertise.

We work with expert barristers to ensure you get the very best level of legal support available.

We have all the resources and global expertise necessary to take on complicated cases and win.

We have offices in Chancery Lane, London and Liverpool City Centre, and the technology to provide a nationwide service.

We use technology to deliver a better legal experience to our clients.

We work on a no-win, no-fee basis.

We make the process straightforward and hassle-free.


Latest news

doctor using a computer

The NHS has shared hospital data with more than 40 companies

According to an article in the Financial Times, the NHS has shared a wealth of data with several companies. Any organisation can apply for access to NHS patient data, but while some use it for planning and research purposes (e.g. local governments, public bodies, and universities), the Financial Times has discovered that it was also shared with 43 commercial businesses.

Read More »

T-Mobile confirms that it has breached customer data – again

T-Mobile has admitted that, once again, hackers have accessed its systems. The confirmation comes after some T-Mobile customer data was found listed for sale on a cybercriminal forum. The seller is asking for 6 bitcoin (around £203,000) for a 30 million subset of the data. The seller claims to be selling the rest of the data privately.

Read More »

Amazon fined £636 million for GDPR breach

Amazon is facing a fine of £636 million for breaching the General Data Protection Regulation (GDPR). The huge fine is being issued by Luxembourg’s data protection regulator. It is the biggest GDPR penalty issued to date and is more than double every other GDPR fine combined.

Read More »

Has the DVLA breached your data?

Around 16 million people may be affected by this improper handling of data, and if you have received a private parking fine from 2016 to present day, you could be due thousands of pounds in compensation.

Read More »

What can you claim for?

While each case is judged on its own merits, there are some things we would typically look for when it comes to when claiming compensation following a data breach, cybercrime or other GDPR violation:

Financial loses

With stolen data, cybercriminals can make purchases using your bank and credit cards, apply for credit in your name, set up fraudulent bank accounts and access your existing online accounts.


GDPR failures, cybercrime and data breaches can have a significant impact on you, both mentally and physically. They can cause or exacerbate anxiety, stress and other psychological conditions.

Loss of privacy

Your data has value, and organisations must be held to account if they fail to protect your right to data privacy or otherwise do not uphold your GDPR rights.

How to protect yourself following a data breach or cybercrime

  • Contact your bank or credit card provider immediately if your financial data has been exposed.
  • Check all bills and emails for goods or services you have not ordered.
  • Check your bank account for unfamiliar transactions.
  • Alert your bank or credit card provider immediately if there is any suspicious activity.
  • Monitor your credit score for any unexpected dips.
  • Call Credit, Experian and Equifax to ensure credit isn’t taken out in your name.
  • Never provide your PIN or full password to anyone (even someone claiming to be from your bank).
  • Never been pressured into moving money to another account for fraud reasons. A legitimate bank won’t ask you to do this.
  • Follow the security instructions provided by the organisation that breached your data.
  • Never automatically click on any suspicious links or downloads in emails or texts.
  • Don’t assume an email or phone call is authentic just because someone has your details.
  • Be careful who you trust – criminals often use scare tactics to try and trick you into revealing your security details.
  • Know that, even if you recognise a name or number, it might not be genuine.
  • Don’t be rushed or pressured into making a decision. A trustworthy organisation would never force you to make a financial transaction on the spot.
  • Never provide your full password, pin or security code to someone over the phone (or via message). If a bank believes a transaction has been fraudulent, they will not ask for this information to cancel the transaction.
  • Listen to your instincts and ask questions if something feels “off”.
  • Refuse requests for personal or financial information and stop discussions if you are at all unsure.
  • Contact your bank or financial service provider on a number you know and trust to check if a communication is genuine.
  • Be cautious of unsolicited communications that refer you to a web page asking for personal data.
  • Don’t accept friend requests from people you don’t know on social media.
  • Review your online privacy settings.
  • Report suspected fraud attempts to the police and Action Fraud.
  • Register with the Cifas protective registration service to slow down credit applications made in your name.
  • Change your passwords regularly and use a different password for every account (a password manager can help with this).
  • Protect your devices with up-to-date internet security software.