In 2017, poor security processes at Equifax led to a huge data breach. The ICO has fined Equifax £500,000, and people who have been affected by the breach can register to make a data breach claim.
But Equifax still hasn’t informed everyone who had their data privacy rights violated.
Keller Lenkner UK has launched a group action against Equifax. Group actions can be a powerful tool and can have a bigger impact than a single claim.
IF YOU HAVE BEEN AFFECTED BY THE EQUIFAX DATA BREACH, WE CAN HELP YOU MAKE A NO-WIN, NO-FEE CLAIM FOR COMPENSATION.
Equifax knows exactly who was impacted by this breach. But you have to ask Equifax if you were involved. This is called making a Subject Access Request (SAR). To keep the process straightforward, Keller Lenkner Data Breach Solicitors can make a SAR on your behalf.
The sensitivity of the personal information held by Equifax made its 2017 breach one of the most severe data privacy failures ever reported. If you were affected by the Equifax data breach, we can help you make a no-win, no-fee compensation claim.
The expert data protection lawyers at Keller Lenkner UK have set out everything you need to know about claiming Equifax compensation in this guide.
Find out more about making a group action claim for compensation against Equifax.
What does no-win, no-fee actually mean and are there really no costs if you appoint us?
See our answers to the FAQs we get asked about the Equifax Data Breach.
The Equifax data breach happened when hackers gained access to the private details of 146 million people in the US. While Equifax said that its systems in the UK were not affected, it did admit that a file stored in the US may have been accessed. As such, up to 15 million UK individuals could have had their details breached.
The data included names, address, dates of birth, and credit card numbers. Some driving licence numbers and some email addresses were also included in the breach. Also, for some individuals, their Equifax credit services account info may have been exposed. In addition to the above data, this means that their username, password, secret question and answer could be breached. Some credit card payment amounts could also have been compromised.
The Equifax data breach was announced in September 2017. The sensitivity of the personal information held by Equifax makes this breach one of the most severe breaches reported to date.
To join our claim against Equifax, you need evidence that your personal information was involved in the data breach.
Equifax wrote to 693,665 UK customers confirming that they had their data breached. Equifax also wrote to a further 167,431 UK consumers whose landline telephone numbers were already published in the public Phone Book. If you are one of the people who have received such a letter, you can claim for Equifax data breach compensation.
However, many victims will not have received a letter from Equifax. And, even if you never used Equifax directly, your data could be compromised if you applied for a loan, mortgage, etc. (if the provider used Equifax to check your credit score).
If you have not received confirmation about your involvement (or of you have lost this evidence), but suspect your information was breached, you can ask Equifax if you were put at risk. This is called making a subject access request (SAR).
In the UK, you can ask any organisation if your data was involved in a breach and a copy of this information should be provided free of charge. This is a legal right, and you can complain to the ICO if Equifax does not provide the information.
To keep the process straightforward, Keller Lenkner Data Breach Solicitors can make a SAR on your behalf.
Once we have established whether you were involved in the Equifax data breach, we will ask you for:
Yes. if you used an Equifax security product between 2015 and 2017 your data could be at risk. But even if you never used Equifax directly, your data could be compromised if you applied for a loan, mortgage, etc. (if the provider used Equifax to check your credit score).
No. Equifax will pay over $400 million to compensate victims in the US, but this does not go to victims in the UK. We believe that UK consumers deserve compensation too.
In 2018, the ICO issued Equifax Ltd with a £500,000 fine for failing to protect personal data. However, while the ICO has the power to impose hefty fines on organisations in breach of their duties, it does not award compensation, so this money will not be given to victims of the breach. The only way to get Equifax data breach compensation is to make a claim.
While Equifax was the victim of a cyber-attack, it is the one who controlled your personal information. Poor security processes allowed the breach to happen, so Equifax is responsible.
The Information Commissioner’s Office (ICO) investigation revealed multiple security failures at the credit reference agency. In response, Equifax was fined £500,000. However, the investigation was carried out under the Data Protection Act 1998 rather than the current General Data Protection Regulation (GDPR), and the £500,000 fine is the maximum allowed under the previous legislation. So it could be argued that Equifax got off lightly.
Register via our online form for further advice about what to do. We will keep your details (securely of course!) and, now Equifax has been fined, start your claim for compensation.
Unfortunately yes, cybercriminals could use the details stolen in the Equifax data breach to commit further harm (e.g. in phishing attempts). Because of this breach, many people have already experienced theft, fraud, and emotional distress.
The ICO investigators discovered that almost 15 million people in the UK had their names and dates of birth stolen. This included:
More significantly, the ICO also discovered another data set (the GSC data set) which included 27,047 UK individuals. In this data set, the compromised information was account information for Equifax’s credit services. Of this group, 12,086 people had their email addresses compromised and 14,961 individuals had portions of their Equifax.co.uk membership details such as username, address, date of birth, plain text password, secret questions and answers, and partial credit card details accessed.
The ICO investigation, carried out in parallel with the Financial Conduct Authority, concluded that there had been multiple failures at the credit reference agency. For example,
Following the data breach, Equifax sent a letter to those affected, informing them that their data was put at risk. Everyone who has received this letter can claim compensation.
However, since the hack was first uncovered, Equifax has admitted that far more people were put at risk than first thought. If you are in any way concerned, contact us and let us know. We will check if you have had your data breached. Once we have established that your data has been violated, we can start the claims procedure on your behalf.
Yes, it does not matter if there is no evidence that the data stolen has been used to carry out identity theft or fraud. If your privacy rights have been breached the law agrees that you are entitled to compensation.
After finding a series of data protection failures at the company, the ICO imposed a penalty of £500,000 on Equifax. However, while it has the potential to issue fines, the regulator does not give any of this money to the victims of the data breach.
We cannot say for sure, but we believe that we have a strong case. Especially as the ICO has already found Equifax guilty of failing to put appropriate security measures in place to prevent a cyber-attack. In the US, Equifax will pay $4oo million to compensate affected consumers in a similar action.
We cannot say that you will definitely get compensation, but Equifax has already been found to have breached people’s data and needs to be held responsible by compensating for any losses, distress and inconvenience caused. In the US, Equifax will pay $400 million to compensate affected consumers in a similar action.
To make the strongest possible claim on your behalf, we always ask for evidence to support your claim. We will ask for this whether or not you have a letter from Equifax. This could include things like:
We would also seek confirmation that, as far as you are aware, your information was not put at risk by another data breach.
To join our Equifax data breach group action compensation claim you need to register with us. It is vital to sign up ASAP to ensure you do not miss out.
While each case is judged on its own merits, there are some things we would typically look for when it comes to when claiming compensation following a data breach, cybercrime or other GDPR violation:
With stolen data, cybercriminals can make purchases using your bank and credit cards, apply for credit in your name, set up fraudulent bank accounts and access your existing online accounts.
GDPR failures, cybercrime and data breaches can have a significant impact on you, both mentally and physically. They can cause or exacerbate anxiety, stress and other psychological conditions.