/ Money

Have you been a victim of a data breach?

Has your data been compromised in a cyber attack? Have you noticed any fraudulent or suspicious activity as a result? We want to hear about your experiences.

Back in May, a cyber-attack hit EasyJet, which could have exposed up to nine million people’s details.

In 2015, hackers accessed the details of 156,959 customers and 15,656 bank account numbers belonging to TalkTalk customers.

I’m currently working on an investigation into cyber-attacks and would like to hear from anyone who has lost money or encountered a scam following a data breach like these.

How do scammers use the data?

When your data is compromised in a cyber-attack, it can be sold to scammers on the dark web.

As a result, you might notice fraudulent activity after a data breach, such as:

⚠ Nuisance phone calls or emails

Credit or debit card fraud

Identify theft

If you’ve experienced any of these and think the suspicious activity is linked to a cyber-attack, I’d be really keen to hear more about it in the comments below.

As part of the investigation, I’ll be looking into what happens to your data in between it being stolen and it reaching scammers.

I’ll also be looking at better ways for you to protect yourself against harmful activity after a data breach.

What to do if you’re affected by a breach

If your personal data has been compromised in a cyber-attack, it’s well worth taking steps to protect yourself:

🔷 Change your password if your data has been lost and you use similar login details on other websites.

🔷 Keep a careful eye on your bank accounts and credit report for any suspicious activity and call your bank straight away if you notice anything.

🔷 Be wary of unexpected emails or phone calls – they could well be scams.

You can read our full guide to data breaches here.

Should customers be compensated?

A number of high-profile companies have been hit with data breaches over the past few years, and it looks like there may well be more going forward.

While the companies are often fined by the Information Commissioner’s Office, there is little by way of compensation for consumers affected.

Under GDPR legislation that came into effect in 2018, organisations are legally obliged to keep data secure.

So, if your data is lost and it causes you financial damage or distress, you may be able to make a claim from the organisation that lost it.

I’ll be looking into how many successful claims have been made by consumers and whether people should be entitled to compensation when their data is stolen.

Have you ever made a successful or unsuccessful claim against an organisation following a data breach? 

If so, let me know in the comments and I’ll follow up with the best way for us to have a private discussion about what happened.

Comments
Em says:
14 July 2020

Hi Hannah, your lead article contains a small error:

While the companies are often fined by the Information Commissioner’s Office (EasyJet was fined as much as £183 million), there is little by way of compensation for consumers affected.

EasyJet have yet to be fined by the ICO for their 2020 data breach. It was British Airways who were fined £183 million over their data breach in 2018 – only 500,000 customers. If EasyJet are found culpable for the data leak of 11 million customers, the fine might be somewhat more than that (up to 4% of revenue), so potentially up to £256 million.

Jeff says:
14 July 2020

I received notification recently saying that there had been a data breach where my information may have been exposed. I cant remember what company it was. However, 4 months ago I was a victim of identity theft where 2 mobile phone accounts were set up and phones delivered to me using my name and address and I was informed that someone tried to get credit to but a laptop, again using my name and address. Thankfully, they did not have my bank account details. The fraud departments of the phone companies have undertaken their investigation and closed the cases along with the finance company. I also reported this to my bank and Action Fraud.