HNK Solicitors HNK Solicitors

How much is the average compensation for a Data Protection Act breach?

A data protection breach can have devastating consequences. From financial loss to reputational damage, the impact of your personal data being exposed to strangers is frightening to consider. Due to the severity of the potential consequences, you are entitled to claim compensation if have been the victim of a data breach. Depending on the circumstances, the amount of compensation could be substantial. In this post we’ll discuss the important question: how much is the average compensation for a Data Protection Act breach? We’ll also help you to understand how data breaches occur, and what to do if you are affected by one.


What is a data protection breach?

With so much of our personal information being routinely shared with a wide range of companies, it’s important to be sure that this information is well protected. For instance, many of us regularly share details of our name and address with online retailers, but we certainly would not want this information being broadcast widely.

Luckily, there are detailed regulations that establish the steps companies must take to protect any data they store. The two most important pieces of legislation are the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.

Every company and organisation that stores or processes personal information must pro-actively follow the requirements outlined in these regulations. Any failure to do so constitutes a data protection breach, otherwise simply known as a data breach.

The requirements set out by the GDPR and the Data Protection Act are extensive. This means that a data breach can take place in many different ways.

For instance, the GDPR requires that data is stored no longer than necessary. If a company retains your data when they no longer need it, this constitutes a data breach.

The most obvious and notorious kind of data breach is when data is not properly safeguarded and is accessed by those with nefarious intentions. Cyber-criminals have a range of tools for getting access to personal data that is not properly protected. And understandably so: after all, personal data can be a major source of illicit funds.

What impact can a data protection breach have?

Though the prospect of your data being stolen by a cyber-criminal may be particularly frightening, any type of data breach can have significant effects. Even unintentional and seemingly minor breaches can have major consequences.

These can include:

  • Financial losses
  • Reputational damage
  • Identity theft
  • Loss of employment prospects
  • Emotional distress

You can read more on data protection damages for distress on our blog here.

Given the potential severity of these impacts, it is important to know that you have the right to seek compensation if your personal information has been exposed by a data breach.

What should I do if I’ve been victim of a data protection breach?

There are a number of immediate steps you should take if your personal information has been exposed in a data breach – or if you are simply concerned that your data is being mishandled.

The first step is to contact the company in question. You have a right to know what personal information a company is storing about you. You also have the right to access copies of this information, and to have the information deleted.

As well as contacting the company directly, you can also make a complaint to the Information Commissioner’s Office (ICO). The ICO is an independent, non-governmental organisation responsible for enforcing the UK’s data protection regulations. They can investigate potential misuses of personal data. In extreme cases, they can issue fines to companies who have not stored data in a responsible way.

However, if the data breach has had a significant negative impact on your life, you should consider pursuing a compensation claim against the company responsible. As helpful as the ICO can be in enforcing data protection regulations, they cannot provide compensation to individuals affected.

In order to receive compensation, you’ll need to take legal action against the organisation responsible. In this case, it’s vital you take advice from experienced solicitors. They’ll be able to offer an in-depth understanding of the often-complicated rules and regulations involved. They’ll be able to provide a good understanding of whether your claim is likely to be successful. They can also explain what you could expect to receive as a result of your claim.

Here at HNK, our team has an extensive background in successfully pursuing data breach claims. If you are considering seeking compensation for the impact of a data breach, we will be able to provide you with the advice you need.

Computer scan

How much is the average compensation for a data protection breach?

Unfortunately, this question is not as easy to answer as you may have hoped. Compensation amounts can vary considerably, from the low hundreds to the tens of thousands of pounds.

Understandably, the amount of compensation you could potentially receive will depend on a range of factors, These include the kind of data that was exposed and the consequences it had for you.

For example, certain information is defined as “special category data” and must be safeguarded more carefully. This includes data concerning your:

  • Health
  • Sexual orientation
  • Racial or ethnic origin
  • Political, religious, or philosophical beliefs

This kind of information is recognised as being more sensitive than, for example, your name and date of birth. If this is exposed it can lead to higher compensation pay-outs than other, less sensitive data.

However, even low-level breaches exposing less sensitive information can lead to compensation totalling hundreds or even thousands of pounds. This is especially true if it has had a demonstrable negative impact.

In cases of sensitive data being exposed and causing serious impacts, the amounts involved can be in the tens of thousands.

For instance, in 2018 HNK Solicitors were able to secure compensation totalling £20,500 for our client after sensitive medical data was exposed by their employer.

Even more recently, in 2020 we secured a £10,000 settlement for our client after a data breach revealed details of an allegation for which they had been interviewed by the police.

As you can see from these examples, the amounts involved can be substantial, particularly if sensitive information is involved. But they also show something else: the importance of experienced and professional legal support for your compensation claims.

Get in touch with HNK for your data breach claims

At HNK, we understand the significant impact that data protection breaches can have on people. For that reason, we are committed to ensuring that those affected get the compensation they are entitled to.

We offer free, no-obligation consultations to discuss any potential compensation claims. We can discuss your case and offer expert advice. If we do think you have a case, we can offer to take it up on a no-win, no-fee basis.

So if you have been the victim of a data breach, get in touch with HNK Solicitors today. You can fill out the form on our website to request a call back. Alternatively, call us on 0151 203 1104 or email us at

Share article


Latest News

No Win No Fee, Free Consultation

Please fill out the form below to get started with your claim

Please enable JavaScript in your browser to complete this form.
Terms & Conditions
Skip to content