This guide explains when you could claim compensation for an energy company data breach. We cover the legislation that establishes a legal requirement to protect personal data and the parties responsible for adhering to data protection laws.
Energy Company Data Breach – Can I Claim Compensation?
We also provide some examples of data breaches and the financial and psychological impact they could have.
Furthermore, we discuss the evidence you could gather to show the way you have been affected by a breach of your personal data.
Later in this guide, we note the compensation that can be awarded for financial loss, psychological harm or both if a personal data breach claim is successful.
To conclude, we discuss the benefits of working with one of our data breach solicitors under No Win No Fee terms.
Speak to our advisors for a free consultation and assessment of your potential data breach compensation claim. To reach them, you can:
- Call 0800 073 8804.
- Discuss your potential claim online.
- Join an advisor on live chat.
Select A Section
- Can I Claim For An Energy Company Data Breach?
- Examples Of Energy Company Data Breaches
- Evidence Supporting Energy Company Data Breach Claims
- Check How Much Compensation You Could Claim
- No Win No Fee Data Protection Breach Solicitors
- Check Our Related Data Breach Guides
Can I Claim For An Energy Company Data Breach?
There are two parties who have a responsibility with regards to the handling, storing and processing of your personal data. The data controller determines how and why personal data is processed. The controller may process the personal data themselves, or outsource this task to a data processor who acts on the controller’s instructions.
Both the controller and the processor must follow two key pieces of data protection law, the Data Protection Act 2018 (DPA) and the UK General Data Protection Regulation (GDPR.) If there is a failure to adhere to these laws, and this causes your personal data to be compromised, it could lead to you suffering financial loss, mental harm, or both.
The Information Commissioner’s Office (ICO), the body responsible for upholding data subject rights and freedoms in the UK, defines a personal data breach as a security incident impacting the availability, confidentiality or integrity of personal data.
In order to begin a personal data breach claim, you need to prove:
- The data controller or processor did not meet their obligations under data protection law.
- This led to a breach which impacted your personal data.
- You suffered financial loss, mental distress or both as a result.
Time Limits
The time limit for starting a data breach compensation claim is generally six years. However, if the claim is against a public body, this is reduced to one year.
Our advisors can discuss this in more detail and let you know how long you have to take legal action. They can also cover the eligibility criteria for energy company data breach claims in more depth. Just phone today via the above number.
Examples Of Energy Company Data Breaches
Personal data is information that can be used to identify you either directly, or indirectly when used alongside other information. This can include your name, email address, postal address, phone number and your credit or debit card details. Examples of how a breach of your personal data could occur include:
- A mass email is sent to customers but there is a failure to use the blind carbon copy (BCC) function. As a result, other customers gain access to your email address.
- The energy company fails to take steps to encrypt personal data related to your finances, including your debit card details, that is stored online. As a result, it is accessed more easily in a cyber attack such as a ransomware attack. This leads to money being stolen from your account.
- After an employee takes files home containing your personal data, the files are lost. As a result, this causes you stress and anxiety.
- A letter containing your personal data is sent to the wrong postal address, despite the company having the correct details on file. This means unauthorised access to your personal data is gained.
To find out whether you’re eligible to begin a claim for a personal data breach, please contact an advisor. They can discuss your specific case with you and help you understand the potential next steps you could take.
Evidence Supporting Energy Company Data Breach Claims
Your claim will need relevant evidence highlighting the breach and how it affected you. This includes:
- A record of communication between you and the company. This can show how the breach occurred and what personal data was affected.
- Medical records, which you can request from your healthcare provider, showing psychological harm caused by the breach.
- Proof of financial loss caused by the breach. This can include bank statements to show any money stolen from your account.
The data controller must inform you of a personal data breach that puts your rights and freedoms at risk without undue delay. If they have not contacted you and you suspect a breach has compromised your personal data, you can contact them directly. If they do not give a meaningful reply within three months, you can make a complaint to the ICO. The ICO may investigate your complaint and any findings from this investigation could be used as evidence if you go on to make a personal data breach claim.
If you have a valid energy company data breach claim and wish to seek legal representation, you could instruct one of our solicitors to help you seek compensation. Find out how they could assist you by calling the number above.
Check How Much Compensation You Could Claim
Following a successful personal data breach claim, you could receive compensation for the material damage or non-material damage you have suffered, or both together.
Non-material damage refers to the psychological harm you have experienced due to the breach of your personal data, such as anxiety, depression, or Post-Traumatic Stress Disorder (PTSD), in more severe cases.
Material damage refers to the monetary losses incurred as a result of the personal data breach. This could include, for example, money stolen from your account or loans taken out in your name due to your debit or credit card details being compromised. It could also include lost income from time taken off work to recover from the psychological impact of the breach.
Due to a judgement made in the Court of Appeal in the case of Vidal-Hall and others v. Google Inc [2015], you can seek compensation for psychological harm without also having experienced any monetary loss.
Legal professionals working on a case may use medical records to assess the value of a data breach claim. They may also refer to the Judicial College Guidelines which contains a list of guideline compensation brackets corresponding to different types of mental harm.
Compensation Table
We have used figures from the JCG to produce the table below. Please note that these figures are only a guide.
| HARM | COMPENSATION | NOTES |
|---|---|---|
| Severe Psychiatric Damage | £54,830 to £115,730 | A very poor prognosis with marked problems impacting different areas of the person’s life, such as their work, education and relationships. |
| Moderately Severe Psychiatric Damage | £19,070 to £54,830 | Significant problems impacting different areas of the person’s life but with a better prognosis than the bracket above. |
| Moderate Psychiatric Damage | £5,860 to £19,070 | A good prognosis along with an improvement of a significant nature. |
| Less Severe Psychiatric Damage | £1,540 to £5,860 | The award given can depend on how long the person was affected and to what extent. |
| Severe Post-Traumatic Stress Disorder (PTSD) | £59,860 to £100,670 | The affected person will be unable to function at pre-trauma levels and every aspect of their life will be negatively affected. |
| Moderately Severe PTSD | £23,150 to £59,860 | A better prognosis due to receiving professional help and having some recovery. Despite this, the effects are still likely to cause a significant disability in the future. |
| Moderate PTSD | £8,180 to £23,150 | A significant recovery with any ongoing issues not being majorly disabling. |
| Less Severe PTSD | £3,950 to £8,180 | The person has a mostly full recovery within a couple of years and any symptoms that continue over a longer period will be minor. |
Speak to an advisor if you want to know more about how payouts for energy company data breach claims are calculated.
No Win No Fee Data Protection Breach Solicitors
Our advisors can let you know if you have grounds to make an energy company data breach claim. If you do, you might wish to instruct one of our solicitors to help you. They can offer you a No Win No Fee arrangement called a Conditional Fee Agreement. This agreement typically means you are not charged for your solicitor’s services:
- Upfront;
- As the case goes on;
- If the claim fails.
A claim with a successful outcome means a solicitor will collect a percentage of your compensation as their success fee. This percentage is capped by The Conditional Fee Agreements Order 2013.
Speak To An Expert
If you have been affected by an energy company data breach and aren’t sure what to do next, speak to our advisors for free advice. To reach them, you can:
- Call 0800 073 8804.
- Write to us about your claim online.
- Open the live chat tab below.
Check Our Related Data Breach Guides
More of our guides:
- Read our guide on whether you can claim for a data breach if your personal data was not locked away or secured and the steps you can take to seek compensation.
- A guide to claiming compensation following a customer services data breach including how a solicitor could help.
- Learn what steps you could take following a lost files data breach and the compensation you could be awarded.
Some further resources:
- ICO – Learn about your right of access to your personal data.
- NHS – Get support for anxiety, fear or panic.
- National Cyber Security Centre – Information for individuals and families.
Thank you for reading our guide on whether you could claim following an energy company data breach. If you have any other questions, please contact an advisor on the number above.
