We've been featured in:

Loughborough University Data Breach Compensation Claims Guide – How Much Compensation Can I Claim? – Amounts For Loughborough University Data Breach

My Data Privacy Was Exposed By A Loughborough University Data Breach, Could I Claim Compensation?

As an organisation that collects and stores lots of personal information, you would expect that Loughborough University would take steps to protect such data. But what happens if something goes wrong and you suffer psychological or financial harm due to a data breach by Loughborough University? Could you make a data breach compensation claim against Loughborough University for the harm you’ve suffered? And how could you go about doing so?

Loughborough University data breach claims guide

Loughborough University data breach claims guide

This guide gives you a wealth of information relating to data breach claims.

In the sections below, you will find out how Loughborough University was affected by the Blackbaud data breach.

We also explain what legislation is in place to protect your personal data and how a breach of this legislation could lead to victims of data breaches being eligible to claim compensation. We hope you find this guide useful.

If you’d like to get started on your claim right away or have questions about whether you could be eligible to claim, please don’t hesitate to call the Legal Expert team on 0800 073 8804.

Select A Section

A Guide To Data Breach Claims Against Loughborough University

Whether you’re a former or current student at Loughborough University, or you work there, you would expect that the university would collect and store some of your personal information for a variety of purposes. In accordance with data protection laws, such as GDPR and the Data Protection Act 2018, the university should protect such personal information. But what happens if they fail in this regard and your personal data is breached?

This guide has been created to inform you about your options when it comes to making a data breach claim against Loughborough University. In the sections that follow, we’ll explain what personal data is, and the responsibilities that universities have to protect your personal data.

We’ll also explain how things could go wrong, and what effect a University of Loughborough data breach could have on you. In addition to all this, we explain how data breach compensation could be calculated, and how you could begin a claim for compensation with our help.

Whether you’ve been affected by a high profile data breach such as the Blackbaud hack, or your personal data has been breached due to a mistake by a member of staff, this guide should give you all the information you may need to begin a claim for compensation.

What Is A Data Protection Breach By Loughborough University?

Before discussing what a data breach is, we should first explain what personal data is. According to the Information Commissioner’s Office, who enforces data protection law in the UK, personal data is information that:

  • Could identify a living person on its own
  • Could be used in combination with other information to identify a living person

There are a variety of pieces of information that could be classed as personal data, including:

  • Your name
  • Your contact details
  • Your location details
  • Your IP Address
  • A student identification number

Categories Of Personal Information

Some types of personal information could be classed as sensitive data. If a university collects sensitive data about you, the data coordinator must ensure it is given a higher level of protection. Sensitive data could include:

  • Trade union memberships
  • Sexual orientation
  • Sex life
  • Religious/philosophical beliefs
  • Race
  • Political opinions
  • Health data
  • Biometric data (for identification)

What Is A Data Breach?

A data breach claim against Loughborough University could be warranted in a variety of different data breach incidents. In general terms, data is breached when it is subject to:

  • Unauthorised storage, processing, access, disclosure, alteration or transmission
  • Loss
  • Theft
  • A loss of availability

A data breach could be caused by negligence, human error or malicious attacks, including:

  • A hacking
  • Theft of data storage equipment
  • Negligent computer/network maintenance
  • Phishing
  • E-mails sent in error
  • Malware
  • Loss of computer equipment

These are just a few examples.

How A University Data Breach In The UK Could Affect A Victim

Whether you’ve been affected by a Loughborough alumni data breach or your data has been breached as a current student or member of staff employed by the university, it could cause a number of unwelcome consequences, such as:

  • Privacy violation – particularly in cases where sensitive information has been breached, victims may feel that their privacy has been violated.
  • Emotional harm – if your data was breached you may be worried about what could happen. A data breach could cause you stress and anxiety.
  • Identity theft – if enough data is hacked, a cybercriminal could use it to steal your identity. They could use it for themselves or sell it on to other criminals
  • Financial theft – if someone gains access to your personal data, they could use it to access your bank account or make purchases in your name

You should report a data breach at Loughborough University, in accordance with the university data breach policy, if you believe your personal data has been violated. However, we would also advise you to seek legal advice.

University GDPR Compliance

It is vital that universities comply with data protection laws, including the Data Protection Act 2018, which incorporates into UK law the EU’s most stringent data protection statute, the General Data Protection Regulation (GDPR).

If they do not, they could not only be investigated and potentially fined by the ICO, but they could also be liable to pay compensation for a university data breach claim, if the data breach causes non-material or material harm to a victim.

Loughborough University must take steps to ensure that:

  • Personal information processing is fair and lawful
  • The collection of personal data is explicit, specified and legitimate
  • The processing of data subjects’ personal information is adequate, relevant and not excessive
  • Every data subject’s personal information is updated to ensure its accuracy
  • The personal information collected is only kept for as long as it serves the specified purpose
  • Any personal information collected is secured

If you are looking to make a data breach claim against a university because a breach of your personal data has led to you suffering financial or emotional harm, why not call our team today for advice and support. We’d be happy to help you prove your data breach claim against Loughborough University to get the compensation you deserve.

How The Blackbaud Data Breach Affected Loughborough University

One high-profile data security incident that affected Loughborough University was the Blackbaud data breach, which happened early in 2020.

Blackbaud, a database provider supplying its services to various UK universities, was the target of a ransomware attack, in which information on a staff, students and alumni database was subjected to unauthorised access.

While Blackbaud paid a ransom for the destruction of the information stolen in the attack, the personal details of many people may have been breached.

Source: https://universitybusiness.co.uk/headlines/data-breach-at-eight-uk-universities

Non-Malicious Data Breach Incidents

While some data breaches could be the result of malicious attacks by cybercriminals, not all data breaches are purposeful. For example, in 2017, East Anglia University breached the personal details of a member of staff when their information was sent in error to nearly 300 people.

This is not the only e-mail error that has affected the university. In another incident, the university had to pay £140,000 to students whose details were mistakenly sent to almost 300 people.

Source: https://www.bbc.co.uk/news/uk-england-norfolk-41934027

Another data breach incident affecting a university occurred in 2013 when a microsite created by a student was left unprotected online leading to exposed data of nearly 20,000 people being accessed without proper authorisation. Greenwich University was fined £120,000 by the ICO in 2018 for the breach.

Rates Of Breaches In Data Protection At Universities

You may be surprised, and perhaps concerned, about the rate of data breach reports made to the ICO by universities in 2019. According to IT Governance, over 50% of universities that responded to a freedom of information request in 2019 had reported an ICO data protection breach.

In addition to this, the report highlighted some serious concerns about the lack of security awareness training given to university staff and students. In fact, it was revealed that 54% of university staff and 12% of university students were not given awareness training.

And when it comes to network security, there are further concerns. When internet service provider Jisc conducted security tests on university systems, they were able to gain access to more than 50 universities’ systems within the space of just two hours.

Source: https://www.itgovernance.co.uk/blog/54-of-universities-reported-a-data-breach-in-the-past-year

Criminal Cyber Attacks Against Universities

There are a variety of common cybersecurity risks that universities should protect themselves against. They could do so by having a robust university information security policy in place, training staff and students to protect their login credentials by changing passwords regularly, and ensuring that computer security and network security is regularly reviewed and updated where necessary.

These actions and more could protect universities from the following risks:

  • Stolen data – A Loughborough University data breach could involve the theft of information. While this could involve personal data, it could also include research data. Many universities conduct research and development projects and the information relating to such studies could be valuable in the wrong hands. In fact, in 2020, the National Cyber Security Centre (NCSC believed that coronavirus research material was targeted in cyber attacks involving Russian spies. (Source: https://www.bbc.co.uk/news/technology-53429506)
  • Attacks on passwords – One way in which cyber criminals could attack a university system is with password guessing software. If they guess an authorised user’s password, they could access information they are not permitted to.
  • Malware – Malware attacks could involve ransomware, like the Blackbaud hack, or viruses being placed on university systems. It is vital to report an infected computer as quickly as it is identified to prevent a computer infection from spreading to other systems.
  • Keystroke detecting software– If a keystroke recorder is put onto a computer, it could record the keystrokes of an authorised user, allowing a cybercriminal to obtain their login credentials.
  • Phishing – Redscan reports have revealed that phishing could be one of the most dangerous ways of attacking university systems. Phishing risks, where authorised users are duped by e-mails directing them to fake sites, allowing criminals to steal login credentials could be protected against by putting together a suspicious email reporting service. (Source: https://www.redscan.com/media/The-state-of-cyber-security-across-UK-universities-Redscan-report.pdf)
  • Denial Of Service Attacks – A DDoS attack could remove the ability of an authorised user to access their data.

Whatever reason you’ve suffered a data breach, we’d be happy to assess your case to see if you could be eligible to claim. If the evidence is strong enough, we could provide you with a Legal Expert solicitor to help you with your data breach claim against Loughborough University.

Types Of Compensation Available To Claimants

If you’ve been affected by a Loughborough University data breach, you might be wondering what types of compensation you could claim. It’s possible to claim for both material and non-material harm you’ve experienced as a direct result of a data breach.

  • Non-material harm could relate to a privacy breach, particularly where sensitive information has been breached, and the stress caused by a data breach.
  • Material harm would relate to the quantifiable financial damage you’d suffered as the result of the data breach

The reason claimants who have suffered psychological harm as the result of a data breach can make a claim for it is that a legal precedent has been set in a case known as Vidal-Hall and others v Google Inc [2015] – Court of Appeal. The issue of psychological harm caused by data breaches was considered, and it was said that compensation for such an injury could be considered. Therefore, claimants could potentially receive compensation for anxiety, stress, depression and loss of sleep caused by a University of Loughborough data breach, provided you can prove the claim and harm caused.

If you’d like to make a data breach claim against Loughborough University, whether for material or non-material harm, if you can prove their failings, our experienced lawyers could help with this.

Compensation Calculator For Data Breaches By Loughborough University

If you’re interested in learning how compensation for a data breach by Loughborough University could be calculated, it would be done by assessing and examining all the evidence and facts of the case.

While material damages may involve looking at credit card and bank statements, for example, to see the quantifiable monetary cost of the breach, calculating psychological injury compensation could be somewhat more complicated.

Psychological Injury Compensation For Data Breaches

Calculating an appropriate compensation amount for psychological injuries sustained as a result of a data breach also involve assessing medical evidence. What this means is that you would have to visit an independent doctor to have your injuries assessed as part of your claim.

The independent medic would review any relevant medical notes, ask you about your injuries and write a report, which could include the type of injury you’ve sustained as well as their opinion on your prognosis. This could be used to work out an appropriate level of compensation, as well as evidencing your claim.

To illustrate the difference in compensation levels psychological injuries could attract, we’ve put together a table for you, which you can see below.

The table contains figures from a publication, the Judicial College Guidelines, which could be used by your lawyer and the court to determine how much compensation could be appropriate for your claim.

Edit
Injury How Severe Compensation Bracket (JCG)
General psychiatric Injury Severe £51,460 to £108,620
PTSD/Post-traumatic stress disorder Severe £56,180 to £94,470
PTSD/Post-traumatic stress disorder Moderately severe £21,730 to £56,180
General psychiatric Injury Moderately severe £17,900 to £51,460
PTSD/Post-traumatic stress disorder Moderate £7,680 to £21,730
General psychiatric Injury Moderate £5,500 to £17,900
PTSD/Post-traumatic stress disorder Less severe Up to £7,680
General psychiatric Injury Less severe Up to £5,500

For a more precise estimate, why not get in touch with our team?

How Do I Find The Right Solicitor For My Claim?

Whether the data breach by Loughborough University resulted from a cyberattack, network security problem, or another reason, you do not have to necessarily use a lawyer to make a claim. You could opt to report a data breach directly to the university, explaining how you’d suffered because of it, and ask for compensation. You could even report a data breach at Loughborough University directly to the ICO and ask them to investigate.

However, many people find value in using the services of a data breach solicitor when making such a claim. The benefits could include:

  • Your solicitor knowing how long they have to take action and ensuring paperwork is submitted before your case is time-barred (6 years for data breaches and 1 year for human rights breaches)
  • Your solicitor would have the capability of building the strongest case possible
  • They could negotiate on your behalf for the highest settlement possible for your case
  • You wouldn’t have to take on the legal legwork of proving your own claim

Choosing A Lawyer

If you’re considering using a lawyer for a data breach claim against Loughborough University, you might be wondering where you could find one.

While you could ask family and friends for recommendations, or look online, you are likely to find that there are a huge number of law firms that could provide you with solicitors to help you.

Here at Legal Expert, we believe we could be a great choice to help you with your university data breach claim. There are many benefits to using our services, such as:

  • A freephone legal advice line
  • Free, no-obligation case checks
  • Years of experience helping people claim the compensation they are eligible to claim
  • Great communication
  • Fantastic customer service team
  • High quality No Win No Fee data breach lawyers

We even have the reviews to back these claims up, as you can see by visiting our reviews page. We’d be delighted to help you with your data breach claim against Loughborough University, so why not get in touch to chat about how we could help you?

No Win No Fee Claims For A Data Breach By Loughborough University

If you don’t want to fund a data breach claim against Loughborough University yourself, then with Legal Expert, you won’t have to. We’re pleased to tell you that all of our solicitors work under No Win No Fee terms, so you would not be expected to pay a penny in legal fees unless your case was successfully settled.

In general terms, a No Win No Fee data breach claim would work as follows:

  • Firstly, your lawyer would send you a Conditional Fee Agreement (No Win No Fee agreement) and ask you to read, sign and return it. This document forms a contract between you and your lawyer and specifies the level of success fee (usually a small percentage of your compensation payout) you’d pay them once they secured a payout for you. This fee is legally capped.
  • Once the signed agreement had been returned to the lawyer, they’d begin work on your case, collecting evidence and negotiating compensation on your behalf.
  • If a compensation payout was arranged for you, the success fee would be taken from it, and you’d benefit from the rest of the compensation.
  • If your case failed and did not result in a payout, you would not pay the success fee or your lawyer’s costs.

If you have any questions about making a No Win No Fee data breach claim against Loughborough University, we’d be glad to answer them. Or, if you prefer, you could take a look at our No Win No Fee claims guide instead.

Talk To An Expert Solicitor

It couldn’t be easier to start a data breach claim against Loughborough University when you contact Legal Expert. Our experienced, friendly advisors are ready to help you. All you need to do is:

Resources To Learn More About Data Protection Breaches

Making A Claim For Data Breach Stress – Here, we take a deeper look at the stress that could be caused by a data breach, and how to assess whether you could claim.

Housing Association Data Breaches – Find out if you could claim for a Housing Association’s breach of your personal data with this helpful guide.

Time Limitations For Compensation Claims – Here, you can find out more about the time limits that could apply to different types of claim.

Suffering With Your Mental Health After A University Data Breach? – Here, you can find out how to access mental health support.

Actions The ICO Has Taken – This link directs you to the ICO website, and more specifically, recent actions they’ve taken regarding breaches of data protection.

Post-Brexit Data Protection Information – Here, you can find out more about how data protection is handled in post-Brexit Britain.

Other Useful Compensation Guides

Thank you for reading our guide to making a data breach claim against Loughborough University.

 

Guide by Jeffries

Edited by Billing