HNK Solicitors HNK Solicitors

What are the types of data breaches you can claim compensation for?

Every day we encounter technology that uses our personal data. Whether it’s on our Facebook profiles, making payments on Amazon or entering our home address into Deliveroo. There are so many reasons we may give out our personal information consensually, but this means we are also susceptible to the many different types of data breaches that can come about.

Not everyone is aware of the wide range of types of data breaches that can occur. Not all types of data breaches are intentional either, but it’s still important to know which ones you can claim compensation for. HNK Solicitors are here to clarify the differences and offer guidance on how to seek compensation if you have fallen victim to any of these types of data breaches.

Any company is open to data breaches. No matter how secure the company’s systems, there are still many ways information can get out, be misused or shared. This blog will highlight the many methods of breaching data, both intentional or non-intentional, and which types of data breaches you can claim compensation for. HNK can then help you get the compensation you deserve.

Types of data breaches

There are three main forms of data breach: physical, electronic and skimming.

Physical Breaches

Physical theft may sound obvious, but it does happen. Humans can make mistakes that can cost companies thousands, and sometimes millions in fines and settlements. It can only take a moment for a file, computer or company phone to be left alone before information can be stolen. Once in the hands of the wrong people, personal data can be shared across the web without your consent.

When physical theft is performed by one company onto another company, it is known as corporate espionage. However, physical theft is not always intentional and this exchange of data can also happen by mistake, like this office desk bought from a charity shop that contained personal data from The Belfast Health Trust.


Ransomware is where you may receive a message that your computer or phone has been hacked and it will be returned to you if you pay a fee. The fee can range in price due to the severity of the breach. In large scale events, hackers will often gain entry to a full computer network, steal the valuable data and then scramble the original copies of the information, before demanding ransoms in return for the decryption. This type of ransomware attack recently happened to popular snacking brand KP.

Password guessing is another damaging process where passwords are stolen. It’s more common than you may imagine. Companies often leave passwords in notes meaning anyone can access them and therefore view files somewhere else. Oftentimes passwords can be hacked because they are too easy to guess. This type of breach is known as a ‘brute-force attack.’ Making passwords by using your street, sibling’s or pet’s names can make hacking accounts incredibly easy.

Phishing is a method where a website mirrors another website you may frequently use as a way of making you enter personal information. For example, a website that looks like Paypal. You may enter your login details into the form, accidentally giving the cybercriminals your password. This type of data breach can compromise the safety of personal or company information, it can be used to make payments with your bank details or get into other profiles with the same or similar passwords. Here is an example of a phishing scam that used Sharepoint and One Note to go after passwords.

Malware or viruses can be sent to people with the intention of wiping the computer. This is particularly harmful for companies who rely on their databases. For example, a hospital experiencing a malware attack could potentially harm the patients and even lead to fatalities. Last year, over 30,000 Apple Mac devices were infected with a mysterious malware.

Recording keystrokes is made possible when cybercriminals install malware that can record what a person is typing into a computer. This can happen both on personal computers and work on computers. The malware can record everything that is typed into the keyboard including payment details, passwords and other sensitive information such as names, addresses and health data. This information can be used against companies easily as passwords can be used, as well as company bank account details. In 2017, HP were found to have keystroke software already pre-installed on their laptops. This is also a skimming form of data breach.


Skimming is a method where a device is attached to technology in order to gain access to data. This typically happens a point-of-service machines like card readers or ATM machines. The device reads the data from the card in use and sometimes the keystrokes of the pin number. Cards can then be cloned and also sold on the dark web.  These types of machines can often disguise themselves and it’s important to look out for any sign of tampering before entering your card.

What does a data breach look like?

In accordance with the General Data Protection Regulation (GDPR) and Data Protection Act 2018, companies who process and control your data have the responsibility to keep your data secure and retain it lawfully. A breach of these data protection regulations can look like:

  • Outdated or inaccurate information,
  • Failure to keep the data updated,
  • Failure to protect your data from unlawful access,
  • Making confidential information public,
  • Using data for any reason other than its stated purpose,
  • Failure to process your data fairly or accurately,
  • Failure to take security measures to protect your information from hackers or thieves.

The types of data breaches you can claim for

The amount you can claim depends on your individual case, but it can range up to thousands of pounds. HNK assesses data breach claims individually and can advise you on what compensation you could be entitled to based on your claim. You could be entitled to claim compensation for:

  • Misuse of data,
  • Loss of control of data,
  • Breach of confidence,
  • Financial Loss,
  • Damage,
  • Distress,
  • Human rights breaches.

How HNK Solicitors can help you secure compensation for a breach of data

If you have experienced a data breach, HNK Solicitors can seek compensation on your behalf. Contact us for a no-obligation consultation and if we believe your case will be successful, we can take it on through a no-win-no-fee agreement. This means you can make your claim on a no-risk basis as you won’t have to pay out if your case is lost.

HNK has a team of expert solicitors who have years of experience in handling data breach claims. We understand the damage and distress that can be caused when your data is breached and will work hard to ensure you get the compensation you deserve. The current limitation period for making a data protection claim in six years. This means if you have been subject to a data breach in the past six years, you can potentially make a claim. Get in contact with us today on 0151 668 0813 or fill out our form online to request a call back. 

Share article


Latest News

No Win No Fee, Free Consultation

Please fill out the form below to get started with your claim

Please enable JavaScript in your browser to complete this form.
Terms & Conditions
Skip to content