If you’ve been affected by a data breach, you may have suffered financially, but you could also have suffered stress, anxiety or loss of sleep because of the data breach. Whether the breach occurred due to criminal activity, such as a phishing attack, hacking or malware, or it occurred due to negligence or an error by a member of staff, you could potentially make a data breach compensation claim. This article examines what is meant by a data breach claim against the University of Reading.
In the sections that follow, we explain what personal data is, and how it could be breached. We also, look in some detail at the data protection laws that are meant to protect your data security. In addition, we explaining how you could go about taking action if you’ve been harmed due to a breach of data protection laws.
We also show you how we could help you get the maximum compensation possible for your claim with the help of a Legal Expert solicitor. If you have any questions about making a claim or would like to get started right away on your claim, you can reach the Legal Expert team on 0800 073 8804.
Select A Section
- A Guide To Data Breach Claims Against The University Of Reading
- What Is A Breach In Data Protection At A University?
- Does The GDPR Apply To University Data?
- How Was Reading University Impacted By The Blackbaud Data Breach?
- What Percentage Of UK Universities Have Had Data Breach Incidents?
- Criminal Breaches In Cyber Security
- What Compensation Could You Have The Right To Claim?
- Calculating Settlements For Data Breach Claims Against The University Of Reading
- How To Make A Complaint And Seek Compensation
- No Win No Fee Data Breach Claims Against The University Of Reading
- Contact A Solicitor
- Related Guides And Advice
A Guide To Data Breach Claims Against The University Of Reading
Have you suffered financial or psychological harm due to a data breach? Did you know that you could make data breach claims against universities if they have breached data protection laws? Data breaches could happen through a cyber attack. Also, negligence in protecting network security, or an employee’s error. This guide has been put together to help you if you’ve suffered financial loss, stress or anxiety because of a data protection breach.
Below we will explain in detail what could happen if your personal data has been breached. We’ll explain how organisations should go about adhering to the laws that protect your personal data, including the Data Protection Act 2018 (DPA) and GDPR. In addition, we give you some examples of how university have been affected by data breaches in the past, such as the Blackbaud data incident. Importantly, we will explain how compensation could be calculated for data breach cases. Finally, we’ll explain how you could start a data breach claim with the help of one of our No Win No Fee solicitors. If after reading this guide concerning the potential criteria for a data breach claim against the University of Reading you have further questions please do not hesitate to call our team.
What Is A Breach In Data Protection At A University?
According to the UK data protection regulator, the Information Commissioner’s Office, personal data is:
- Data that could be used on its own to identify a natural living person
- Data that could be combined with other data to identify a natural living person
The ICO lists several kinds of data that could be considered personal data, including:
- Your name
- IP address
- Your contact details
- Location details
- Date of birth
- Your e-mail address
Sensitive Data
Other data that may need to be protected;
- Political views
- Sexual orientation
- Ethnic origin
- Biometric data
- Religious beliefs
What Do We Mean By A Data Breach?
The ICO cites a data breach as being a breach of data security that leads to unlawful or accidental:
- Data destruction
- The loss of data
- Data alteration
- Disclosure of data without authorisation
- Data access without authorisation
What Could Cause A Reading University Data Breach?
Data breaches could be caused by human error, negligence or malicious/criminal activities. Examples could include:
- Criminal hacking
- Ransomware, spyware, DDoS or malware attacks
- Negligent attention to computer security
- A virus
- Phishing
- A member of staff sending personal data to an incorrect recipient in error
How Could A Data Breach Impact Me?
You could be affected by a data protection breach in a number of ways, including:
- Financially – If someone has managed to access your financial accounts with the information they have obtained, they could steal from you. Someone could also assume your identity and apply for credit or make purchases in your name.
- Psychologically – If a privacy breach has led to sensitive information being accessed, you may suffer a privacy violation. You could suffer anxiety, stress, or lose sleep over a data breach too.
Data protection laws allow those affected both materially (financially) and non-materially harmed to claim compensation if someone has breached data protection laws. To find out if you could make a data breach claim against the University of Reading then call our advisors today.
Does The GDPR Apply To University Data?
Universities need to collect, store and process lots of personal data in order to employ staff and provide education to students too. However, this is not the only personal data they could collect, process and hold. They may collect information from donors to the university, and they may also have alumni data on file. Any organisation that collects, processes and stores personal data must adhere to data protection laws so that the data is protected
What is GDPR?
The General Data Protection Regulation (GDPR) is the most far-reaching and stringent data protection law. The UK’s application of GDPR is enshrined in law in the Data Protection Act 2018. It requires data processors and controllers to:
- Only process data in a manner that is fair and lawful
- Also only Collect information in a way that is explicit, legitimate and specified
- In addition, not processing data in a way that could be considered excessive
- Only process information in a way that is adequate and relevant
- Ensure data accuracy by keeping it up to date
- Importantly, data is kept secure
- Finally, ensure it is only stored for as long as it is necessary for the purpose it has been collected for
If there has been a data protection breach by a university, the ICO could investigate the data breach and take action against it. They may fine an organisation if there has been a breach.
How Was Reading University Impacted By The Blackbaud Data Breach?
In 2020, there was a large data breach that affected some UK universities. One of the universities affected by the Blackbaud data breach was the University of Reading.
What Is The Blackbaud Hack?
In May 2020, a company providing database services to a number of UK universities, Blackbaud, was hacked in a ransomware attack. Some of the data that was accessed in the attack was information for the University of Reading and Henley Business School alumni. While no financial data was thought to have been accessed, it did lead to unauthorised access to data.
Source: https://www.bbc.co.uk/news/technology-53528329
Non Malicious Data Breaches
We should stress that although the Blackbaud data breach could be the result of malicious attacks, not all breaches of data privacy are malicious in nature. Some examples of non-malicious breaches include:
The University of Greenwich – In 2018, the university was fined £120,000 by the UK data protection regulator (the ICO) when a microsite created by a student was not closed down correctly after the event, breaching the personal data of over 19,000 people.
The University Of East Anglia – In 2017, information about one of its staff members was sent to over 300 students.
Source: https://www.bbc.co.uk/news/uk-england-norfolk-41934027
What Percentage Of UK Universities Have Had Data Breach Incidents?
In 2020, an article was published by RedScan which revealed some worrying information about the security of information held by universities. In the article, it was revealed that:
- A worrying 54% of university respondents to a freedom of information request had reported data breaches to the ICO in the last 12 months
- 46 percent of staff were not provided with security awareness training
- Just 51 per cent of universities issue security training to students.
Source: https://www.redscan.com/media/The-state-of-cyber-security-across-UK-universities-Redscan-report.pdf
Criminal Breaches In Cyber Security
Not every data breach claim stems from criminal activity. However, there are certain common criminal threats that could affect a university, including:
- Phishing attempts – criminals could gain unauthorised access to personal data through phishing attacks. Where users are directed to a dummy site set up to replicate a well-known domain name. They enter their details, believing it to be legitimate. Redscan cites this as one of the most dangerous methods of attack. Source: https://www.redscan.com/media/The-state-of-cyber-security-across-UK-universities-Redscan-report.pdf
- Ransomware– As we explained above when we discussed the Blackbaud data breach. A ransomware security incident could mean criminals are able to gain access to an online database. So they could demand a ransom for the safe destruction of stolen data. These attacks could be made via access through a virtual private network (VPN).
- Viruses, malware and DDoS attacks – All of these attacks could lead to a breach of data protection.
- Theft of information – This could lead to a breach of data privacy that affects personal information, but it could also concern sensitive research information.
What Compensation Could You Have The Right To Claim?
Victims who have suffered material and non-material harm due to a university data protection breach to claim compensation for the harm they’ve suffered.
- Material harm is financial harm. This could include the quantifiable value of fraudulent purchases made in a victim’s name, or monies stolen from them, for example.
- Non-material harm could include a loss of privacy and psychological harm caused by the breach of data protection. Anxiety, loss of sleep, depression and stress could be included within such a claim.
Victims could claim for psychological harm caused by a data breach even when there has been no loss of money because a case from 2015 set a legal precedent that could allow this. In Vidal-Hall and others v Google Inc [2015] – Court of Appeal. The issue of psychological injury compensation was considered by the judge presiding over the case, and he said this type of compensation could be considered. Meaning the compensation could be calculated in accordance with personal injury claims.
Calculating Settlements For Data Breach Claims Against The University Of Reading
If you’ve suffered harm from a breach of data protection, you might wish to get an idea of how much your claim could be worth. Therefore, you may want to do this before you go ahead with a data breach claim against a university. Calculating the financial expenses caused by a data protection breach could involve looking at evidence such as bank statements and credit card statements. This would help to calculate the actual financial cost of the breach.
Claiming For Psychological Injury
Calculating data breach compensation for psychological injuries is a little more difficult. You will be invited to undergo an assessment with an independent medical professional. This is to obtain evidence of the psychological harm you’d suffered. They would review your previous medical notes, examine you and write a medical report. This report would detail your injuries. Additionally, their professional opinion on your prognosis. This could be used to calculate an appropriate payout amount.
To give you some guidance on what levels of compensation could be appropriate for different severities of psychological injury, we look to the Judicial College Guidelines. This publication, which could be used to hone in on an appropriate value for your mental suffering. It is updated annually and provides guidance that solicitors could use when calculating injury compensation.
Injury Type | Compensation Guideline Bracket | Severity level |
---|---|---|
PTSD/Post-traumatic stress disorders | £3,710 to £7,680 | Less severe |
PTSD/Post-traumatic stress disorders | £7,680 to £21,730 | Moderate |
PTSD/Post-traumatic stress disorders | £21,730 to £56,180 | Moderately severe |
PTSD/Post-traumatic stress disorders | £56,180 to £94,470 | Severe |
Psychological damage (General) | £1,440 to £5,500 | Less severe |
Psychological damage (General) | £5,500 to £17,900 | Moderate |
Psychological damage (General) | £17,900 to £51,460 | Moderately severe |
Psychological damage (General) | £51,460 to £108,620 | Severe |
How To Make A Complaint And Seek Compensation
If you’re intending on reporting a data breach at the University of Reading, you could take a look at the data breach reporting policy. Also, your complaint could be directed to the person mentioned in the university data breach policy. Therefore if reporting a University of Reading data breach you should describe how you believe the breach has happened. In addition, how it has affected you. Furthermore, you could escalate your complaint to the Information Commissioner’s Office. They may then investigate your complaint.
Many claimants prefer to use a lawyer when making a claim for a university data breach in the UK. This is because there are certain benefits to doing so, including:
- Not having to take on the hard work of proving a claim’s validity
- Never having to negotiate with the university for compensation
- Not having to worry about how long they could have to make their claim (your solicitor would be aware of the relevant time scales (6 years for data breaches, 1 year for human rights breaches) and would ensure they took action before the claim was time-barred
- Having confidence their solicitor would be able to fight for the maximum payout possible for their claim
It is vital that a university takes steps to reduce the risk of a data breach. Therefore, this could be done by using all reasonable means, such as encryption of information. Also, a firewall and other cyber security software. Whether you’ve suffered a data breach due to the university’s negligence in ensuring your data is protected, because of a human error or because of a malicious attack, call our team today you have your case assessed.
How To Choose A Lawyer For A Data Breach Claim Against The University of Reading
You might be questioning how do I go about finding a solicitor for a data breach claim against The University of Reading. We are aware that if you search online for a law firm that could help you will get a lot of results. There are lots of firms that promise to provide you with quality lawyers that could get you compensation, but here at Legal Expert we have great reviews from previous clients that could convince you that we deliver on our promises.
When you choose to work with Legal Expert on your claim, you could benefit from:
- Free legal advice
- As well as, free eligibility checks
- Importantly, No Win No Fee data breach lawyers
- Top-quality customer service
- Great communication
- Also a great track record
- To conclude, many years of knowledge and experience in the industry
If you’d like to learn more about our services and how we could help you, why not call our team. We’d be happy to have a chat about your case for free and tell you how we could help you get the compensation you deserve.
No Win No Fee Data Breach Claims Against The University Of Reading
Now that you have read this guide on whether or not you could make a data breach claim against the University of Reading you might wonder what you need to do next. Using a solicitor to help you with a data breach claim might be something you’re considering. But did you know that if you make a claim with a No Win No Fee solicitor, you wouldn’t have to pay them a penny in legal fees until they’d achieved a payout for you?
The No Win No Fee Claims Process Explained
- You would receive a Conditional Fee Agreement from your solicitor. You’d be asked to read, sign and then return. This document would lay out a fee known as a success fee. A legally capped amount would usually be a small percentage of your total payout.
- Once you had signed and returned the agreement, your solicitor would begin to build your case and negotiate a compensation settlement on your behalf.
- Once your compensation had been paid out, the success fee would be taken from it. Furthermore, you’d benefit from the balance.
Also, if no compensation payout was achieved, you would not have to pay your solicitors costs or the success fee.
We know you might have some questions about making claims in this way. We have produced a useful guide to help you. Or, if you’d rather talk to our team and have your questions answered over the phone, you could call our freephone helpline instead.
Contact A Solicitor
If you have any questions regarding a data breach claim against the University of Reading, then we could help. For free legal advice, or to benefit from a free eligibility check, or to begin a claim with one of our solicitors, simply:
- Firstly, call us on 0800 073 8804
- Or, E-mail the team at info@legalexpert.co.uk
- As well as, using our online contact form to get in touch
- Also, use our handy Live Chat messaging service
Related Guides And Advice
Thank you for reading this guide on – data breach claim against the University of Reading – below we have provided more resources for your benefit.
Guide To Protecting Data In The Cloud– The ICO has produced a guide aimed at organisations that use cloud computing.
How To Get Help With Mental Health Concerns – You can find out how to get help with mental health issues here.
How Long Would I Have To Make A Claim?– Depending on the type of claim you’re making; the limitation period could vary. Find out what limitation period applies to different claims here.
Claiming Compensation For Data Loss– Are you considering making a compensation claim for a data loss incident.
Data Breach Stress Claims– Making a claim for data breach stress? This guide could assist you.
What Are My Data Rights– You can find out about your rights on the ICO website.
Other Compensation Guides
- Merseyside Police Data Breach
- North Tyneside Council Data Breach
- Crown Prosecution Service Data Breach Compensation Claims
- University Of Leeds Data Breach Compensation Claims
- School Data Breach Compensation Claims
- NHS Data Breach Compensation Claims
- Failure To Use Blind Carbon Copy (BCC) On Email – Can I Make A Data Breach Claim?
- University Of Birmingham Data Breach Compensation Claims
- University Of Exeter Data Breach Compensation Claims
- HSBC Bank Data Breach Compensation Claims
- Data Breach Compensation
Written By Jefferies
Edited By Melissa.