Last updated 31st October 2024. This guide will explain what to do if someone shared your financial information unlawfully.
Financial information includes credit or debit card numbers, your bank account details and information about purchases you have made. But not all financial information is personal data.
We will explain what kinds of financial information falls under personal data. We will also touch on who can make a claim if their financial information is breached.
If you have any further questions on what to do if an organisation shared your financial information unlawfully, our advisors are here to help. They can offer free legal advice, as well as a free evaluation of your claim when you get in touch today. To learn more:
- Call 0800 073 8801
- Contact us via our website
- Use the live chat feature for instant help
Select A Section
- When Is It Unlawful To Share Data?
- How Unlawfully Shared Financial Information Could Impact You
- Are You Eligible To Claim Compensation If Someone Shared Your Financial Information?
- What Is The Average Compensation If Someone Shared Your Financial Information?
- No Win No Fee Agreements For Financial Data Breach Claims
When Is It Unlawful To Share Data?
Personal data is information that identifies a person, such as your full name, postal address, or credit card details. As such, only financial information that could identify you is classified as personal data.
The personal data of UK residents is protected by the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA). Under this legislation, a lawful basis must be established by the data controller in order for the data to be processed. The data controller is responsible for establishing how and why to process your personal data, after which the processor processes your data on their instructions
These legislations are enforced by the Information Commissioner’s Office (ICO). The ICO is an independent organisation with the power to both investigate and fine organisations that fail to comply with data protection legislation.
If your personal data is shared without first establishing a lawful basis, this could lead to a personal data breach. A personal data breach occurs when the confidentiality, availability, or integrity of your personal data is affected by a security incident.
However, not every instance of a data breach will result in a valid compensation claim. Read on to learn more.
Why Would An Organisation Have Shared Your Financial Information?
Financial information may be shared lawfully or unlawfully for a number of reasons. For example, your bank may need to share your financial information with a business in order to fulfil a payment. However, human error could contribute to the unlawful sharing of your personal data: for example, an employee at a bank may send your bank statement to the wrong email address.
Our advisors are here to help if you are unsure whether you could make a personal data breach claim. Get in touch today to learn more if an organisation has shared your financial information.
How Unlawfully Shared Financial Information Can Impact You
You may have suffered emotional or financial harm if a data controller or processor shared your financial information. Organisations in the finance sector must follow data protection legislation, including ensuring that they have adequate physical and cyber security measures in place. If they fail to do this, this could result in a personal data breach.
How Can A Financial Information Breach Cause Material Losses?
If an organisation shared your financial information, you might experience a range of financial impacts, including:
- Criminals may target you for identity theft or fraud, leading to financial losses.
- A breach of your banking details could result in illegal withdrawals from your bank account
- If your mental health suffers as a result of a personal data breach, you may need to take time away from work. This could result in a loss of earnings.
Can A Financial Data Breach Cause Emotional Distress?
A personal data breach can also cause emotional harm. For example, you could suffer from:
- Anxiety due to a breach
- Stress
- Post-traumatic stress disorder (PTSD)
- Distress due to the breach
If you have suffered harm because an organisation shared your financial information, get in touch with our team today.
Are You Eligible To Claim Compensation If Someone Shared Your Financial Information?
As we have already mentioned, not every breach of data protection law will from a valid personal data breach claim. This is because the UK GDPR defines certain criteria that cases must meet in order to be eligible.
Firstly, the data breach must affect your personal data. This means that if an organisation suffers a breach, but it does not affect your personal data, you will likely not be eligible to claim. Secondly, it must occur due to the failings of the data processor or controller. Lastly, the breach must result in you experiencing emotional or financial harm, as we detailed in the previous section.
Time Limits For Data Breach Claims
You must also be within the time limit to start a personal data breach claim. The data breach claims time limit varies, depending on who the claim is made against, but generally, you will have:
- Six years to start a general personal data breach claim
- One year to start a claim against a public body
If you are unsure whether or not you qualify to make a data breach claim after an organisation shared your financial information, please contact us today. An advisor can assess your case and if you can make a claim.
What Is The Average Compensation If Someone Shared Your Financial Information?
The amount you could receive for a successful claim differs from person to person. This is because every claim comes with circumstances that differ depending on each individual. Because of this, there is no average payout that we can provide. However, we can explain the basics of personal data breach compensation.
If your financial information data breach claim succeeds, you can receive up to two heads of claim. These are:
- Material damage: Compensation for the financial impacts of the breach, such as damage to your credit score or debt accrued in your name.
- Non-material damage: Compensation for the psychological injuries caused by the breach, such as anxiety or depression.
To get a broad idea of what you could receive in terms of non-material damage, you can check the table below. This table takes figures from the Judicial College Guidelines (JCG), a document that helps legal professionals when they value claims by providing guideline settlement awards.
However, the first figure is not from the JCG, and none of these figures can be guaranteed for your potential personal data breach claim as all claims are different.
| Psychological Harm Caused | Payout | Notes |
|---|---|---|
| Multiple serious types of psychiatric harm plus financial losses | Up to £250,000+ | Compensation for suffering multiple types of psychiatric harm plus financial losses. |
| Psychiatric harm - (a) Severe | £66,920 to £141,240 | The person faces significant problems across multiple areas of life and has a very poor prognosis. |
| Psychiatric harm - (b) Moderately Severe | £23,270 to £66,920 | The person has faced significant problems though they now have a more optimistic outlook for some improvement. |
| Psychiatric harm - (c) Moderate | £7,150 to £23,270 | The outlook is much more optimistic, and symptoms will have seen some improvement. |
| Psychiatric harm - (d) Less severe | £1,880 to £7,150 | What could be awarded will depend on the severity of the symptoms and the duration of the symptoms. |
| PTSD - (a) Severe | £73,050 to £122,850 | The disorder has impacted all parts of this person’s life, and they can not function as they did before the traumatic event. |
| PTSD - (b) Moderately severe | £28,250 to £73,050 | There is a better prognosis due to the chance of recovery with professional help. |
| PTSD - (c) Moderate | £9,980 to £28,250 | Significant degrees of recovery have been made. There are not any grossly disabling symptoms. |
| PTSD - (d) Less severe | £4,820 to £9,980 | There will be or has been a virtually full recovery in 2 years, with only minor symptoms that persist. |
However, please be mindful that these figures are not guaranteed amounts and that the actual amount of data breach compensation that you could receive may vary. For a free consultation on what you could receive if an organisation shared your financial information, get in touch with our advisors today.
No Win No Fee Agreements For Financial Data Breach Claims
If you’re eligible to make a shared financial information data breach claim, one of our advisors can connect you with one of our specialist No Win No Fee solicitors. They can then offer you a Conditional Fee Agreement (CFA).
Here is how you can benefit from a CFA:
- There are no upfront solicitor fees.
- There are no ongoing solicitor fees.
- If the claim fails, there are no solicitor fees at all.
Instead, if the claim succeeds, your solicitor will take a success fee from your compensation. Success fees are a small, legally-capped percentage.
To learn more about how one of our solicitors could help you make a personal data breach claim in this way after your financial information was shared, get in touch:
- Call 0800 073 8801
- Contact us via our website
- Use the live chat feature for instant help
Learn More About Data Breaches
We have more guides on our website about making a data breach claim. We have also included some external guides for you.
- What Are My Rights After A Social Services Data Breach?
- What Are My Rights After A Mortgage Provider Data Breach?
- Government Data Breach – How To Make A Claim
Or, for more helpful resources:
- An NHS guide to post-traumatic stress disorder (PTSD)
- An ICO guide to the role of consent in sharing data
- Mental health guidance from the mental health charity Mind
Thank you for reading our guide to claiming if another party shared your financial information unlawfully.
Guide by HC
Edited by CH
