We've been featured in:

Teesside University Data Breach Compensation Claims Guide – How Much Compensation Can I Claim? – Amounts For Teesside University Data Breach

A data breach claim against Teesside University could be warranted if you can show that you’ve suffered damage to your finances or mental health because of the failings of the organisation.

A university is responsible for keeping secure the personal data they collect, process, and store. A failure to do so could entitle you to seek data breach compensation. The General Data Protection Regulation together with the Data Protection Act 2018 stipulates that all data controllers and processors have a duty to protect the personal information they hold.

Teesside University data breach claims guide

Teesside University data breach claims guide

Our guide to seeking compensation for a data breach at Teesside University provides essential information about data protection law. We go into your rights to seek compensation under the GDPR, and we offer advice on what type of compensation can be claimed.

If you are the victim of a data breach, we explain how and when you could report the incident to the Information Commissioner’s Office (ICO). We provide a rough idea of how much your data breach claim against Teesside University might be worth, and how one of our No Win No Fee solicitors could represent you.

For more advice on seeking data breach compensation, please continue reading our guide by clicking on the sections below. If you would like to discuss your potential claim with one of our expert advisers, please do so by calling our freephone helpline at 0800 073 8804.

Select A Section

A Guide To Data Breach Claims Against Teesside University

No matter how personal information is compromised, the effect it has on you could be devastating. You may suffer financial losses, identity theft, or you could suffer mental trauma, especially if the problem turns out to be permanent.

The General Data Protection Regulation (GDPR) together with the Data Protection Act 2018 gives you the right to seek compensation. You can make a claim for material damages (financial harm) and non-material damages (mental harm) if you are the victim of a data breach.

We have put together this guide to seeking data breach compensation to provide information on a university’s legal obligation to keep data secure. We go into your rights to help you work out whether you can seek redress by making a data breach claim against Teesside University.

Our guide also explains how the Information Commissioner’s Office (ICO) has the power to issue hefty fines to organisations that are not GDPR compliant. We go into the process of reporting a data breach to the university and to the ICO. Our guide also offers a rough idea of how much a data breach claim could be worth. Additionally, we offer advice on the sort of damages you could include in your claim against the university.

Lastly, we provide advice on how you could be represented on a No Win No Fee basis by one of our data breach solicitors. We explain how Conditional Fee Agreements (CFA) work, and how you could benefit from having a No Win No Fee solicitor act on your behalf.

Remember, if you have any questions, please don’t hesitate to get in touch on the number at the top of this page.

Time Limits to Making Data Breach Claims Explained

There is a time limit to making a data breach claim against Teesside University. This is set at 6 years from when you were made aware of the breach. However, if your human rights are negatively impacted, the time limit is 1 year from the date of awareness.

As such, we recommend that you get in touch with a solicitor as soon as you can and that you begin a data breach claim sooner rather than later.

For free legal advice and to find out if your data breach claim against Teesside University is valid, please speak to a member of the Legal Expert team today. An adviser can be reached on the freephone number shown at the top of the page.

What Are Data Breaches At Teesside University?

You could be the victim of a data breach and not even know about it for a while. The breach could involve cybersecurity, but it could also occur when a physical file is accessed without permission. Either way, if the university fails to keep your personal data secure, they could be in breach of the GDPR.

When your personal data is compromised it could result in the following:

  • Information is lost
  • Personal data is stolen
  • Your data is no longer accessible
  • Personal information is shared without authorisation
  • Data is corrupted, altered, or destroyed

What Can Cause a University Data Breach?

A university data breach could be caused by several events/incidents and could include the following:

  • Staff/admin error
  • Malicious act
  • A virus
  • Hackers
  • Data sent to wrong people
  • Ransomware
  • Malware
  • Phishing
  • Spyware
  • DDoS attacks (Distribution Denial of Service)
  • Stolen devices/computers
  • Vulnerabilities in cybersecurity
  • Physical files are not locked away

The Role of the Information Commissioner’s Office

The Information Commissioner’s Office (ICO) has the power to impose hefty fines on UK organisations that fail to collect, process, and store personal data correctly. The ICO defines personal data as:

  • Information/data that directly or indirectly identifies an individual

The type of information Teesside University may collect, process and store in their systems could include:

  • Your name and address which includes an email address and an IP address
  • Your medical information
  • Financial data

A university may collect other information which they are legally obliged to protect, such as medical histories. If there is a data breach and your personal information is accessed, leading to you suffering stress or financial losses, you could seek data breach compensation. This is where Legal Expert can be of assistance.

We offer everyone who contacts us an initial, no-obligation consultation which is free of charge. This allows an experienced adviser to assess your case. Once we have determined you have strong grounds to sue, we will introduce you to a No Win No Fee solicitor from our panel of lawyers.

To discuss your case with a member of our team, please call an adviser on the freephone number at the top of the page.

Why Universities Need To Apply The GDPR

In 2018, the General Data Protection Regulation came into force. The GDPR is a piece of EU legislation, enacted into UK law in 2018 when the updated Data Protection Act came into effect.

The law provides ‘data subjects’ more control over how their personal information is collected, processed, and stored. A data subject is someone’s whose information an organisation holds, and any organisation that holds data is a ‘data controller’. Sometimes controllers will contract ‘data processors’ to carry out work on their behalf, such as Blackbaud.

A university is a data controller and therefore, must follow the law to protect all personal data they hold for data subjects. There are seven key principles of the GDPR which are:

  1. Only the minimum amount of data should be gathered
  2. Not to use data for any other purpose
  3. Transparency, lawfulness, and fairness
  4. Accuracy – data should be kept up to date
  5. Integrity and confidentiality (security)
  6. Accountability
  7. Data ought to be stored for no longer than necessary

If you have evidence that you’ve been impacted in a data breach, a member of the Legal Expert team can assess your case free of charge. To find out more, please get in touch with an adviser on the telephone number at the top of the page.

How Higher Education Bodies Have Been Affected By Data Breaches

Cybercriminals target universities because many of these institutions hold sensitive research material. These incidents happen more often than most people think with some of the more serious breaches resulting in hefty fines being issued by the Information Commissioner’s Office (ICO).

One example of how universities in the UK were negatively impacted by a data breach occurred when Blackbaud was the target of a cyberattack in 2020. The cloud service provider, which looks after the contact databases of a number of universities, was the victim of ransomware.

Ransomware is a form of computer virus that encrypts data, steals it and holds it for ransom. Blackbaud paid an undisclosed ransom to the cybercriminals. The personal data of staff, students, alumni, and others was accessed in the breach and the universities affected included:

It should be noted that in this situation, a claim would likely be pursued against Blackbaud, who served as a data processor on behalf of the universities affected. However, it’s worth getting legal advice first, so get in touch to discuss more.

Source: https://www.bbc.co.uk/news/technology-53528329

Do Accidental Data Breaches Occur in UK Universities?

Not all university data breaches are criminal because they can happen accidentally too. An ‘accidental’ data breach involving the University of East Anglia was reported upon not long ago.

A member of staff sent a spreadsheet to 300 incorrect recipients. The spreadsheet contained the sensitive data of students which included bereavements, and health issues. The university opted to compensate the students for the breach, amounting to £140,000.

If you would like to discuss a potential data breach claim against Teesside University with a member of our team, please call an adviser to receive free legal advice on how best to proceed.

Source: https://www.bbc.co.uk/news/uk-england-norfolk-51284352

University Cyber Security Statistics

The Information Commissioner’s Office (ICO) enforces data protection law in the UK and has the power to levy heavy fines to organisations that are non-compliant. A recent survey conducted by IT security firm Redscan found that over half of universities had reported data breaches to the ICO over a period of 12 months.

Out of 86 universities that replied to a Freedom of Information request sent by Redscan, it was also found that:

  • 46% of university staff did not receive ‘awareness training’ in the preceding 12 months
  • Just £7,529 on average is spent on educating university staff every year
  • 51% of universities proactively provided students with security training
  • 37% provided resources to students who requested it

The report concluded that 54% of university staff and 12% of students did not receive guidance or support in managing/dealing with threats in cyber security.

Source: https://www.redscan.com/news/state-of-cybersecurity-uk-universities-foi-report/

ICO Investigations and Data Breach Fines

When the Information Commissioner’s Office investigates a data breach and finds that a university is non-compliant, the fines levied can be substantial. The maximum GDPR data breach fine could be as much as £17.5 million, or 4% of annual global turnover, whichever is greater.

Over recent years, the number of university data breaches has been considerable. The University of Greenwich was fined £120,000 for non-compliance with the Data Protection Act 1998. This was prior to the Data Protection Act 2018 coming into effect.

The data breach involved a microsite that staff failed to secure when it was shut down. Cybercriminals took advantage of the site’s vulnerabilities and gained access to other areas of the server. The hackers got hold of a significant number of people’s data.

If you would like to know more about the legal justifications behind a data breach claim against Teesside University, please get in touch with a member of our team today.

Criminal Data Thefts And Hacks

A report published by the Information Commissioner’s Office (ICO) that covered a 3 month period between January 2021 and March 2021 found the following data security incident trends:

  • There were a total of 2,425 data breachs in the 3 months in question
  • Of this figure, 342 breaches related to the education sector.
  • The causes of these education data breaches included:
    • Phishing – 22 breaches
    • Ransomeware – 34 breaches
    • Unauthorised access – 6 breaches
    • Data emailed to the wrong person – 89 breaches

Universities and Cyber-attacks

Today, the sophisticated tools cybercriminals have at their disposal means that universities and other organisations must install ever more robust cybersecurity. The type of cyber-crimes and attacks on universities include:

  • As we can see from the statistics above, the most common and dangerous form of cyber-attacks are phishing attacks
  • Information theft
  • Ransomware
  • Malware
  • Spyware
  • DDoS attacks (Distribution Denial of Service)

To speak to an adviser about your rights if you’ve been impacted by a data breach by Teesside University, please get in touch today.

Types Of Compensation Your Settlement May Include

Your overall health and well-being could be impacted if you are the victim of a data breach. It may even become a permanent problem, more especially if identity theft is an issue. Data breaches could result in strange and dangerous emails arriving in your inbox.

The General Data Protection Regulation (GPPR) together with the Data Protection Act 2018, entitles you to seek compensation for a data breach. In short, you could claim material damage and non-material damage if your personal information is compromised.

Material damages reimburse your financial losses, whereas non-material damages would compensate you for mental harm. As such, you could claim the following in a successful data breach claim against Teesside University:

For more information on the sort of compensation you could claim and to receive free legal advice on how to pursue a data breach claim against Teesside University, please get in touch with an adviser on the freephone number at the top of the page.

Calculating Settlements For Data Breaches At Teesside University

In the Court of Appeal case of Vidal-Hall and others vs Google [2015], data breach law saw a significant change.

The ruling meant that claimants could seek non-material damages if personal information is compromised in a data breach, even if no financial damage has been suffered. In the past, damage to finances was a requirement in order to seek compensation for mental harm.

Now, you can seek data breach compensation for either form of damage. To give you an insight into potential payouts, we’ve put together the compensation table below using figures from the Judicial College Guidelines (JCG).

Edit
Type of psychological harm/injury Severity Details Amount awarded in general damages based on Judicial College Guidelines
PTSD – Post-Traumatic Stress Disorder Severe Amount awarded reflects the impact of a data breach has on claimant and the severity of PTSD £56,180 – £94,470
PTSD – Post-Traumatic Stress Disorder Moderate to severe Claimant suffers PTSD but not as severe as above. The amount awarded would reflect how a claimant has been negatively impacted by a breach £21,730 – £56,180
PTSD – Post-Traumatic Stress Disorder Moderate Claimants suffer moderate symptoms of PTSD but the prognosis is good £7,680 – £21,730
Psychiatric harm Severe Claimants suffer severe symptoms of psychiatric harm. Their ability to work and lead a normal life is seriously and negatively impacted £51,460 – £108,620
Psychiatric harm Moderate to severe Claimants suffer similar symptoms to those above but the prognosis is somewhat better and the ability to work and lead a normal life improves £17,900 – £51,460
Psychiatric harm Moderate Claimants suffer symptoms but the prognosis is good. However, work-related stress could be an issue £5,500 – £17,900
Psychiatric harm Less severe The amount awarded would reflect how a claimant’s life and well-being have been affected Up to £5,500

For a more accurate idea of how much your potential data breach claim against Teesside University could be worth, please contact one of our expert advisers today.

How Do I Get Compensation For A Data Breach?

If you are thinking about making a data breach claim against Teesside University, you do not have to find a local solicitor to represent you. You can check out solicitor reviews online to find the right person to represent you. This is where Legal Expert can be of assistance. We can introduce you to one of our specialist No Win No Fee solicitors.

Once we have established you have grounds to sue for data breach compensation, you would be offered No Win No Fee terms by our solicitors.

To find out whether you can make a No Win No Fee data breach claim, please speak to a member of the Legal Expert Team today.

No Win No Fee Data Breach Claims Against Teesside University

One of our experienced advisers will assess your case against Teesside University in an initial, no-obligation consultation which is free of charge. When we have determined you have strong reason to seek compensation for a data breach, we will connect you to our No Win No Fee solicitors.

If you agree to the No Win No Fee terms as set out in a Conditional Fee Agreement (CFA), you will not have to pay the solicitor any upfront fees.

You will not have to pay a No Win No Fee solicitor anything if you lose your claim either. This is because you only pay a ‘success fee’ when you receive data breach compensation. The success fee is a small and fixed percentage of the compensation payout you receive.

Please contact a member of our team to benefit from free legal advice and to find out if you have grounds to make a No Win No Fee data breach claim against Teesside University.

Contact A Claims Expert

If you want to learn more about what’s involved in a data breach claim against Teesside University, please get in touch with a Legal Expert adviser today. We provide a free, initial, no-obligation consultation to all people who contact us. An experienced adviser will assess your case and would put you in touch with one of our specialist data breach solicitors.

You can reach a member of our team in the following ways:

Where To Learn More

A Guide to No Win No Fee claims:

Making a No Win No Fee claim

CPS Data breach claim guide:

How To Claim Data Breach Compensation Against the Crown Prosecution Service

Guide to Claiming Data Breach Compensation Against the NHS:

Guide to NHS Data Breach Claims

Information on the Data Breach Act 2018

The Data Protection Act

How to file a report to the ICO (Information Commissioner’s Office):

Make a complaint to the ICO

Thanks for reading our guide to making a data breach claim against Teesside University.

Other Useful Compensation Guides

Guide by Wood

Edited by Billing