Legal, Police and Criminal Justice Data Breach Claims

If you have been the victim of a legal, police or criminal justice data breach, we can help.

Get justice for a legal, police or criminal justice
data breach violation

The legal, police and criminal justice sector is a lucrative target for hackers. But, in most cases, data breaches occur because of simple human errors and poor data security processes. If your sensitive and confidential data has been lost, stolen, or otherwise compromised, we can help.

Solicitors, the police, and the wider criminal justice system have access to some of our most sensitive information. As such, strict policies and procedures must be in place to ensure the safe processing of such data. But all too often, this is not happening.

This is especially worrying as many in the sector use paper files which are not secured by encryption. What’s more, legal professionals often carry around large quantities of information (e.g. when going to court or to work on at home). This can increase the risk of a data breach.

There are many different types of legal, police and criminal justice data breaches to watch out for, including:

The Police. Officers, police staff, and suppliers must know how to work with sensitive information securely. However, this is not happening too often, and in 2020, there were over 2300 data breach incidents reported by just 22 of the UK’s police forces.

Legal professionals (e.g. lawyers, law firms and claims management companies). At Keller Lenkner UK, our expert data breach lawyers are committed to upholding the standards of our industry. That’s why it’s particularly upsetting when we are contacted by someone who has been let down by their solicitor.

Conveyancers. Many conveyancers deal with large sums of client money. This can increase the risk of a data breach and prove devastating if sensitive data falls into the wrong hands.

The Crown Prosecution Service. The CPS is the principal public agency for conducting criminal prosecutions in England and Wales. The ICO has previously fined it for losing unencrypted DVDs containing recordings of police interviews.

Criminal Injuries Compensation Authority (CICA). The CICA deals with compensation claims from people who have been physically or mentally injured because they were victims of a violent crime in England, Scotland, or Wales. The data held by the CICA is extremely sensitive, and the consequences of a data breach are grave.

Data breaches across this sector are happening because of a combination of human error (e.g. staff emailing sensitive information to the wrong recipient) and malicious cyberattacks. In many cases, people with access to police databases unlawfully used them to search for individuals.

The information held by the legal and criminal justice system is often extremely sensitive, and a data breach can have a devastating impact on the public. Privacy infringements can also harm officers themselves.

If you have been a victim of a police, legal, or criminal justice data breach – whether you are an officer or a member of the public - we can help you make a no-win, no-fee claim for compensation.

Contact us today for a free, no-obligation, assessment of your case.

Cases we handle at Keller Lenkner UK

At Keller Lenkner UK, our data protection lawyers deal with a wide range of police, legal and criminal justice data breach cases every day.

Keller Lenkner UK has gained an enviable reputation in data breach law. And, with a team of data breach experts led by Kingsley Hayes – arguably the UK’s foremost data breach solicitor – and considerable expertise in this field, it’s easy to see why. Here are just some examples of the legal, police and criminal justice cases our data protection lawyers have dealt with…

Matthew’s* Criminal Injuries Compensation Authority data breach

After his ex-partner was jailed for his attempted murder, Matthew made a compensation claim via the Criminal Injuries Compensation Authority (CICA). The CICA is an executive agency, sponsored by the Ministry of Justice. It awards compensation to victims who have been physically or mentally injured due to violent crime.

Despite there being an agreement in place to protect Matthew’s address, the CICA sent documentation that included Matthew’s home address to his ex after his release from prison. Matthew is now living in fear, his PTSD has been exacerbated, and he has had to relocate as his home no longer felt secure.

We are helping Matthew to claim compensation for this serious breach of data protection. 

Margaret’s* police pension data breach claim

A fellow police officer contacted Margaret. The officer had been sent Margaret’s annual pension statement in error.
This statement included a vast range of personal data.
We are helping Margaret to claim for the breach of her pension data.

The Taylor* family’s witness statement data breach

The Taylor family experienced a serious assault and subsequently gave witness statements to the police. The  Police and the Crown Prosecution Service (CPS) erroneously passed these statements – which included their full names and home addresses – to the attacker, a known violent and aggressive offender.

The Taylor family is now living in fear of possible retribution and one member has had to move out of the family home as he does not want to put his children in danger.

We are helping the family claim compensation for this shocking and dangerous breach of their privacy, and the terror and emotional distress suffered.

*Names have been changed to protect client confidentiality.

Our current legal, police and criminal justice group actions

In some cases, you won’t be the only person to experience a data breach. In these instances, it might be worth joining a group action. Our current legal, police and criminal justice data breaches include:


Greater Manchester Police

The personal details of victims of crime in Greater Manchester have been put online by mistake.

The data breach affects victims of sexual abuse, witnesses and people reporting crime. According to the Force, no informant details were breached.

Thousands of people are thought to be affected.

Read More »

Police Federation

In 2019, The Police Federation of England and Wales (PFEW) suffered a severe data breach following a ransomware cyber-attack hit the PFEW headquarters. Around 120,000 current and former officers are affected.

Read More »
equiniti police


In August 2019, over 750 annual benefit statements were sent to the wrong postal addresses. These statements were for police officers of Sussex Police.
Equiniti, a company that provides support, communications and technology platforms to help manage company pensions, was responsible for distributing these statements.

Read More »

Why claim legal, police or criminal justice data breach compensation?

Hold those responsible to account for failing to protect your private information.

Receive financial compensation for your losses.

Force the legal, police and criminal justice sector to implement better data security.

Why use Keller Lenkner UK to make a claim?

We are one of the most experienced multi-claimant law firms in the UK.

We represent clients in group actions and individual cases with innovation, resources, and expertise.

We work with expert barristers to ensure you get the very best level of legal support available.

We have all the resources and global expertise necessary to take on complicated cases and win.

We have offices in Chancery Lane London, Birmingham and Liverpool, and the technology to provide a nationwide service, so we can help clients across England & Wales.

We use technology to deliver a better legal experience to our clients.

We work on a no-win, no-fee basis.

We make the process straightforward and hassle-free.


Latest news


How much does it really cost to make a PFEW compensation claim?

Are you, or have you recently been, a police officer in England & Wales? If so, you could be owned significant data breach compensation following a 2019 Police Federation of England and Wales (PFEW) data breach. But how much will it cost you to claim with Keller Lenkner UK? Here is everything you need to know.

Read More »
equiniti police

The emotional impact of the PFEW data breach should not be underestimated

The emotional impact of the PFEW data breach should not be underestimated. We all know the impact that theft can have on a person. Following a burglary, people often feel shock, anger, fear, helplessness, and panic. These feelings might develop immediately or be experienced much later. Cybercriminals are committing theft when they steal personal data, so it is understandable that some people feel upset; particularly as the PFEW effectively gave the burglar the keys.

Read More »

A complete guide to claiming PFEW data breach compensation

Are you, or have you recently been, a police officer in England & Wales? If so, you could be owned significant data breach compensation following a 2019 Police Federation of England and Wales (PFEW) data breach. In this handy guide, our data protection experts set out everything you need to know about making a PFEW data breach compensation claim.

Read More »

What can you claim for?

While each case is judged on its own merits, there are some things we would typically look for when it comes to when claiming compensation following a data breach, cybercrime or other GDPR violation:

Financial loses

With stolen data, cybercriminals can make purchases using your bank and credit cards, apply for credit in your name, set up fraudulent bank accounts and access your existing online accounts.


GDPR failures, cybercrime and data breaches can have a significant impact on you, both mentally and physically. They can cause or exacerbate anxiety, stress and other psychological conditions.

Loss of privacy

Your data has value, and organisations must be held to account if they fail to protect your right to data privacy or otherwise do not uphold your GDPR rights.

How to protect yourself following a data breach or cybercrime

  • Contact your bank or credit card provider immediately if your financial data has been exposed.
  • Check all bills and emails for goods or services you have not ordered.
  • Check your bank account for unfamiliar transactions.
  • Alert your bank or credit card provider immediately if there is any suspicious activity.
  • Monitor your credit score for any unexpected dips.
  • Call Credit, Experian and Equifax to ensure credit isn’t taken out in your name.
  • Never provide your PIN or full password to anyone (even someone claiming to be from your bank).
  • Never been pressured into moving money to another account for fraud reasons. A legitimate bank won’t ask you to do this.
  • Follow the security instructions provided by the organisation that breached your data.
  • Never automatically click on any suspicious links or downloads in emails or texts.
  • Don’t assume an email or phone call is authentic just because someone has your details.
  • Be careful who you trust – criminals often use scare tactics to try and trick you into revealing your security details.
  • Know that, even if you recognise a name or number, it might not be genuine.
  • Don’t be rushed or pressured into making a decision. A trustworthy organisation would never force you to make a financial transaction on the spot.
  • Never provide your full password, pin or security code to someone over the phone (or via message). If a bank believes a transaction has been fraudulent, they will not ask for this information to cancel the transaction.
  • Listen to your instincts and ask questions if something feels “off”.
  • Refuse requests for personal or financial information and stop discussions if you are at all unsure.
  • Contact your bank or financial service provider on a number you know and trust to check if a communication is genuine.
  • Be cautious of unsolicited communications that refer you to a web page asking for personal data.
  • Don’t accept friend requests from people you don’t know on social media.
  • Review your online privacy settings.
  • Report suspected fraud attempts to the police and Action Fraud.
  • Register with the Cifas protective registration service to slow down credit applications made in your name.
  • Change your passwords regularly and use a different password for every account (a password manager can help with this).
  • Protect your devices with up-to-date internet security software.