Whether your personal data has been hacked, disclosed, lost, stolen or subjected to unauthorised access, a University of Newcastle data breach could have a number of unwelcome consequences. If you’ve been financially or emotionally affected by such a breach, you may be wondering whether you could make a claim against the University of Newcastle for data breach compensation. This handy guide has been created to help you.
Universities, just like other organisations that control and process personal data, must abide by certain data protection laws. If they breach your data, they could be in breach of the Data Protection Act 2018, or the General Data Protection Regulation (GDPR). And if you are harmed by such a breach, these laws could allow you to claim compensation.
In the sections below, we explain all about personal data, how universities should work to protect it, and how it could be breached.
We also explain how compensation payouts could be calculated for both financial and psychological harm caused by a data breach, and how a Legal Expert lawyer could fight for the maximum compensation achievable for your claim.
If you would like to speak to us about the information contained within this guide, or you’d like us to check your eligibility to claim, you can call us at any time on 0800 073 8804 and we’ll be glad to advise you.
Select A Section
- A Guide To Data Breach Claims Against The University Of Newcastle
- What Is A Data Breach By The University Of Newcastle?
- Breaches In The GDPR By Universities
- Newcastle University And The Blackbaud Data Protection Breach
- Rates Of Data Protection Breaches Affecting Universities
- Cyber Attacks And Hacks Affecting Universities
- Ways In Which People May Be Compensated After A Data Breach
- University Of Newcastle Data Protection Breach Compensation Calculator
- Could A Solicitor Help Me Make A Data Protection Breach Claim?
- Could I Make A No Win No Fee Claim For A Data Breach By The University Of Newcastle?
- Talk To An Expert
- References
A Guide To Data Breach Claims Against The University Of Newcastle
Whether you work for the University of Newcastle, are a former student or are currently studying there, you would expect the university to have collected some of your personal data that is necessary for them to provide you with work or education.
You could also expect them to protect that personal data, in line with data protection laws such as the General Data Protection Regulation (GDPR) or the Data Protection Act 2018 (DPA). But what happens if they fail in that duty due to negligence, human error or a malicious cyber-attack, for example? In which instances could you make a data breach claim against the University of Newcastle, and do you need a lawyer to help you claim? These questions and more are answered in the sections below.
In this guide, we offer information to help you if you’re considering making a claim for a data breach by the University of Newcastle. We’ll explain how long you may have to make a university data breach claim, as well as describing some data security incidents that have led to universities in the UK being fined by the Information Commissioner’s Office (ICO).
In addition to this, we explain the different types of compensation that could be awarded in a data breach claim against a university.
We hope you find this guide helpful, but if you have further questions or want to begin a claim right away, you can call our freephone number at any time for assistance.
What Is A Data Breach By The University Of Newcastle?
Before we discuss the question of ‘what is a data breach’, we should initially explain what is meant by personal data. The Information Commissioner’s Office (ICO) states that personal data is:
- Information relating to a person that could be used on its own to identify them
- Information relating to a person that could be used with other information to identify them
Personal data could include information such as:
- A person’s name
- A person’s address
- Someone’s contact details
- Their IP address
- A student ID number
Some data could be considered more sensitive than other data. According to data protection law, sensitive information should be afforded a higher level of protection. Some examples of what could be considered sensitive information could include a person’s:
- Medical information
- Bank details
- Religious beliefs
- Sexual orientation
- Race
- Political opinions
- Biometric information
What Is A University of Newcastle Data Breach?
A University of Newcastle data breach claim could result from a data security incident that caused a person’s data to be:
- Lost
- Unlawfully transmitted, disclosed, altered, stored, processed or accessed
- Stolen
- Made unavailable
How Could Such A Breach Happen?
While you may assume that all breaches would arise due to a cyberattack, or a hacking, such as the Blackbaud hack, which we explain in detail further on in this guide, this is not always the case. In some instances, data breaches could be caused by human error or negligence. Examples of what could lead to a data breach include:
- Phishing
- Malware
- Viruses
- E-mails being sent to the wrong address
- Devices containing personal data being lost or stolen
- Failing to provide sufficient computer security or network security protection
How You Could Be Impacted By A Newcastle University Data Breach
There are several ways in which you could be affected by a University of Newcastle data breach, including:
- Financially – If your data is hacked by a cybercriminal and they gain enough of your information to access your financial accounts, they could potentially steal money from you. They could also use your identification details to make purchases or they could steal your identity and apply for finance in your name.
- Emotionally – If you’ve been the victim of a data breach, this could cause you a significant amount of stress. Whether you’ve been stolen from, or you’re worried about who has accessed your data, this could cause you anxiety and stress.
- Loss of Privacy – if sensitive information has been exposed, you may feel that you’ve suffered a privacy violation
The laws that are in place to protect your personal data allow victims of a data breach to claim compensation if they’ve suffered financially or emotionally because of such a breach. Here at Legal Expert, we could help you launch a data breach claim against the University of Newcastle if you can prove that you’ve suffered harm as a result of an ICO data protection breach.
Breaches In The GDPR By Universities
GDPR is the strongest data privacy and security law globally. The UK application of GDPR is enshrined in law through the Data Protection Act 2018. It requires every data processor and data controller to ensure that:
- The processing of such data is fair and lawful
- The collection of such data is explicit, specified, and legitimate
- The processing of such data is relevant, adequate and not excessive
- Such data is regularly updated to ensure accuracy
- Such data is secured and stored for only as long as necessary
Breaches of GDPR and the Data Protection Act could lead to a university being investigated by the Information Commissioner’s Office, and enforcement action could be taken against organisations that have breached such laws.
In addition to this, victims of data breaches that have suffered material/non-material harm could claim compensation under these laws.
Newcastle University And The Blackbaud Data Protection Breach
We mentioned earlier in this guide that some UK universities were affected by a ransomware attack known as the Blackbaud hack. Newcastle University was one of the universities.
What Was The Blackbaud Hack?
Blackbaud is a cloud computing database service provider that services several universities in the UK. It was hacked in 2020 and a ransom was demanded by the perpetrator of the attack, which Blackbaud paid, in order for the hacked data to be destroyed. While they were confident that the destruction of the data hacked was completed, and that no financial information was accessed in the hack, this still represents a breach of personal data.
Source: https://universitybusiness.co.uk/headlines/data-breach-at-eight-uk-universities
Other Examples Of Data Breaches
Another Newcastle University data breach incident occurred in September 2020, when personal data of the university’s students was leaked on the dark web. The attack was perpetrated by a cybercrime group known as Doppelpaymer. This was thought to be another ransomware attack. Investigations were still ongoing at the time of posting.
Source: https://thetab.com/uk/newcastle/2020/11/02/newcastle-students-data-including-home-addresses-leaked-on-dark-web-after-cyber-attack-52213
Not all data breaches involve cybersecurity attacks, however. Some are accidental or caused by negligence. Examples of such breaches that have affected universities include:
- Greenwich University – The ICO fined the university £120,000 in 2018 because they failed to adequately protect a microsite from being accessed online. The microsite, set up by a student, contained the data of almost 20,000 people.
- University of East Anglia – This university commenced an urgent investigation after the personal data of one of its staff was sent to around 300 students in 2017.
Source: https://www.bbc.co.uk/news/uk-england-norfolk-41934027
Rates Of Data Protection Breaches Affecting Universities
A worrying report by IT Governance in August 2018 revealed that:
- 54% of UK universities admitted to reporting data breaches to the ICO in 2019
- The majority of Freedom of Information request respondents also admitted there were shortcomings in their ability to prevent a data breach
- 46% of university employees were not given security awareness training
- Universities spend just over £7,500 on average per year on employee education
- Just under half of the universities that responded provide security training to students
Source: https://www.itgovernance.co.uk/blog/54-of-universities-reported-a-data-breach-in-the-past-year
Cyber Attacks And Hacks Affecting Universities
There are several common threats that could affect a university. A university should have in place a university data protection policy to demonstrate how they protect student, staff and employee data. They should also have a robust university data breach policy in place to handle such breaches if they happen.
Threats that could affect universities in particular could include:
- Data theft – This may affect research data as well as personal data. In 2020, the NCSC (National Cyber Security Centre) was reported to have believed organisations conducting coronavirus vaccine research were targeted by Russian spies. (Source: https://www.bbc.co.uk/news/technology-53429506)
- Password attacks – Where keystroke recorders or other password guessing software is used
- Phishing -Where users are directed to fake sites so that cybercriminals can steal login credentials. This is thought to be one of the most dangerous forms of attack that affects universities, according to a Redscan report. (Source: https://www.redscan.com/media/The-state-of-cyber-security-across-UK-universities-Redscan-report.pdf)
- Malware/viruses/ransomware – these could all cause data to be lost, destroyed, stolen, accessed or transmitted unlawfully
Whether you’re considering making a data breach claims against the University of Newcastle because of criminal activity, negligence or human error, we could help you get the compensation you deserve. Why not call our team today to start your claim?
Ways In Which People May Be Compensated After A Data Breach
GDPR allows for victims of a data breach to claim compensation for what are known as non-material and material damages.
- Material damages are the quantifiable expenses caused by a data breach. They could include fraudulent purchases made in your name, and monies stolen from you, for example.
- Non-material damages are more difficult to put a value to. They could relate to psychological injuries caused by a data breach, including anxiety, stress and loss of sleep. They could also take into consideration the loss of privacy.
It is important to recognise the legal precedent that could allow a victim of a data breach to claim psychological injury compensation. The case that set such a precedent was Vidal-Hall and others v Google Inc [2015] – Court of Appeal, which involved 3 claimants who pursued claims against Google Inc for anxiety and stress caused by a breach of their data protection.
It was decided that compensation could be awarded for psychological injuries, even in the absence of any financial harm. It was also recommended that compensation for such injuries should be valued in line with personal injury law.
University Of Newcastle Data Protection Breach Compensation Calculator
When calculating compensation for a University of Newcastle data breach, all the evidence must be examined to see where damages occurred. For financial (material) damages to be calculated, evidence such as credit card and bank statements could be useful. However, calculating the psychological impact of a data breach is a little more complicated.
If you intend on making a data breach claim against the University of Newcastle for psychological harm, you would, as part of your claim, need to attend an appointment with an independent medic, who would review your medical notes and talk to you about the impact the breach has had on you.
They would then compile a report that evidenced your injuries and gave a professional opinion on your prognosis. This evidence could be used to calculate an appropriate settlement.
To give you some idea of appropriate settlement amounts for different levels of psychological injury, we look to the Judicial College Guidelines, a publication that could be used by solicitors and the court to come to an appropriate settlement amount. We have detailed these figures in the table below.
Injury type | Compensation Bracket According to the Judicial College Guidelines | Level of Severity |
---|---|---|
Post-traumatic stress disorder/ PTSD | Up to £7,680 | Less severe |
General psychiatric Injury | Up to £5,500 | Less severe |
Post-traumatic stress disorder/ PTSD | £7,680 to £21,730 | Moderate |
General psychiatric Injury | £5,500 to £17,900 | Moderate |
Post-traumatic stress disorder/ PTSD | £21,730 to £56,180 | Moderately severe |
General psychiatric Injury | £17,900 to £51,460 | Moderately severe |
General psychiatric Injury | £51,460 to £108,620 | Severe |
Post-traumatic stress disorder/ PTSD | £56,180 to £94,470 | Severe |
If you’d like a more detailed valuation, please get in touch with our team. Once they know more about your case they’ll be able to provide more accurate advice on a potential value.
Could A Solicitor Help Me Make A Data Protection Breach Claim?
If you’re considering making a data breach claim against the University of Newcastle without legal support, it may be wise to carefully consider your options before you go ahead. There are various benefits of having experienced legal support when making such claims, which could include:
- The knowledge that any time limitations would be taken into account, and that your lawyer would ensure action was taken before your data breach claim against the University of Newcastle became time-barred (6 years for data breaches, 1 year for breaches of human rights)
- The knowledge that you would not have to take on the hard work of proving your claim
- The confidence that your lawyer would have the capability to build the strongest case for data breach compensation
- The confidence that the lawyer could have the capability to fight for the maximum settlement possible for your claim
Choosing Your Lawyer
We are aware that there are many law firms across the UK that could help you make a data breach claim against a university, but we believe we could be the perfect choice for you.
Our knowledge and experience have built up over years of helping claimants get the compensation they deserve, and we’d like to bring our knowledge and experience to your claim too. By choosing Legal Expert for your Newcastle university data breach claim, you could benefit from:
- Free, expert legal advice
- A free, no-obligation eligibility check
- No Win No Fee lawyers
- Great communication and customer service
We’re confident we could help you fight for the maximum payout possible for your claim, as we have for many other satisfied clients. You can read our reviews to see what they’ve had to say about our service. Whether you’re ready to claim with us or have further questions, why not give us a call today to get the guidance and support you’re looking for?
Could I Make A No Win No Fee Claim For A Data Breach By The University Of Newcastle?
When you’re considering making a data breach claim against the University of Newcastle, you might be wondering how to go about paying for legal assistance. With Legal Expert, you wouldn’t have to pay any legal fees to your solicitor until such time as your case was settled and your compensation payout had been made. This is because all of our lawyers work on No Win No Fee terms. The claims process generally works as follows:
You’d be sent a document known as a Conditional Fee Agreement which you’d be asked to sign and return to your solicitor. This would set out the amount payable to your lawyer as a success fee when they achieved a payout for you. The fee is subject to a legal cap and represents a small proportion of your compensation.
Once you have signed and returned the document to your lawyer, they would start work on your claim, building a strong case on your behalf and negotiating for a compensation settlement. Once your compensation had been paid out, the success fee would be deducted from it, with the rest of the payout for your benefit.
What Happens If My Claim Fails?
If your claim did not result in a payout, under No Win No Fee terms you would not be required to cover your lawyer’s costs or pay the success fee.
If you would like to know more about how such claims work, you can always call our team. Alternatively, you could take a look at our guide that covers No Win No Fee claims in more detail.
Talk To An Expert
If you’re ready to begin a data breach claim against the University of Newcastle, you have any questions, or you’d like us to check whether you could be eligible to claim compensation, we’re here to help. Our team are available anytime:
- Via telephone: 0800 073 8804
- Via E-mail: info@legalexpert.co.uk
- Through Live Chat
- Or you could use our contact form to get in touch.
References
Breach Of Data Stress Claims – We have produced a guide specifically aimed at those that have suffered distress due to a breach of data. You can access this here.
How Long Do I Have To Claim – It is vital that compensation claims are made before they become time-barred. This guide offers some insight into limitation periods.
Post Brexit Data Protection – What’s Changed?– This page on the ICO website explains what has changed with regards to data protection now the UK has left the EU.
Data Breaches By Housing Associations – You could also be eligible to claim compensation if a housing association has breached your data. Find out more here.
What Action Can the Information Commissioner’s Office Take? – You can read about what actions the ICO has already taken against organisations that have failed to adhere to data protection laws here.
Support For Mental Health – If your mental health has suffered as a result of a data breach, this useful page from the NHS website could help you seek support.
Other Useful Compensation Guides
- Can I Claim Compensation For A Passport Data Breach?
- Travelodge Data Breach Compensation Claims
- BT Data Breach Compensation Claims
- Hertfordshire Constabulary Data Breach
- Virgin Mobile Data Breach Compensation Claims
- Royal Bank Of Scotland Data Breach Compensation Claims
- Anglia Ruskin University Data Breach
- Experian Data Breach Compensation Claims
- Bedfordshire Police Data Breach
- British Transport Police Data Breach
- Human Error Data Breach Claims
Thank you for reading our guide to making a data breach claim against the University Of Newcastle.
Guide by Jeffries
Edited by Billing