University Of Sussex Data Breach Compensation Claims Guide
A data breach claim against the University of Sussex could be justified if you’ve fallen victim to a breach because of the organisation’s failings and you suffer damage to your finances or mental health as a result.
When personal data is unlawfully accessed or compromised, you may not be aware of the full consequences straight away. That said, if you are the victim of a data breach you may find that you start receiving odd emails, some of which could be phishing emails.
You could be studying at the University of Sussex, or you may be part of the staff. You could even be a former student or staff member and your personal data is unlawfully accessed or compromised.
Whatever your circumstances, under the General Data Protection Regulation (GDPR), you could have the right to seek compensation if you can prove that you suffered financial or mental damage as a result.
For more information about making a data breach claim against the University of Sussex, please continue reading our guide. For a free, no-obligation consultation, please call a member of the Legal Expert team on our freephone number 0800 073 8804.
Select A Section
- A Guide To Data Breach Claims Against The University of Sussex
- What Are Data Breaches At The University Of Sussex?
- Breaches In The GDPR
- How The Blackbaud Cyber Attack Affected Sussex University
- Higher Education Data Breach Rates
- Cybercrime And Breaches Of Data Security
- What The Victim Of A Data Breach Could Claim In Compensation
- Settlement Calculator For Data Breaches At Sussex University
- How Do I Choose A Data Protection Breach Solicitor?
- No Win No Fee Sussex University Blackbaud Data Breach Claims
- Talk To An Expert
- Resources On Breaches In Data Protection
A Guide To Data Breach Claims Against The University of Sussex
If you are currently studying at the University of Sussex, or you are a former student, the administrators would have collected some of your personal information. Universities, like other organisations, gather personal data of the people they are connected to which includes staff and contractors.
Organisations that collect, process, and store personal data are called data controllers. As such, they must follow the law to protect the information they hold. If they fail to do so and there is a security breach in which you suffer consequent damage, you could have grounds to sue.
We have put together this guide to provide advice on when a case could be valid. The guide looks at the laws that protect personal data and how these must be followed. We also offer information on how a breach in security could occur, and how universities must set in place measures to keep personal data they hold secure to be GDPR compliant.
The guide covers how data controllers must report breaches to the Information Commissioner’s Office (ICO). However, to make a data breach claim you do not have to file a complaint. That said, we offer free legal advice on what to do if you think personal data has been unlawfully accessed.
We have included information on compensation payouts for successful data breach claims and explain how the amounts are worked out. Lastly, we provide advice on how a No Win No Fee lawyer could act on your behalf once your case has been assessed. This means you will not have to find the money to pay any upfront or ongoing fees.
Time Limit for Data Breach Claims
The time limit is 6 years from when you were told of the data breach. If your human rights are affected, the time limit is 1 year from the date of awareness.
To speak to a Legal Expert adviser today, please call the number shown at the top of the page to receive free legal advice.
What Are Data Breaches At The University Of Sussex?
According to the Information Commissioner’s Office (ICO) the definition of personal data is as follows:
- Personal information that identifies a person whether the data is combined with other information or not
The sort of information a university collects, processes, and stores could include:
- Your name
- Address which includes your email address or your IP address
- Date of birth
- Proof of identity documents, like your passport or driving license
Your financial information could also be held, as well as your medical information, although other data could also be collected by a university. This collection would apply to students, staff, donors, and alumni.
The Consequences of a Data Breach
When there is a breach in a university’s cyber-security, your information could be unlawfully accessed. The ICO defines data breaches as follows:
- Your privacy is compromised
- Confidentiality is negatively impacted
- The availability/integrity of your personal information is compromised
The incident could have involved a breach of the university’s cyber-security, or it could be due to the following breaches:
- Network security
- Computer security
- An unlocked filing cabinet
- Negligence in handling physical files
The consequences of a data breach could lead to the following:
- Personal data is lost or stolen
- The data is unavailable/inaccessible
- It is transmitted/shared without permission
- Disclosed without it having been authorised
- Unlawfully accessed
- Corrupted
- Altered
- Destroyed
Breaches in a University’s Cyber-security
A breach in the university’s cyber-security could occur for a number of reasons which includes:
- A member of staff/admin makes an error whether intentional or accidental
- Malicious acts
- A virus
- Data being transmitted to the wrong recipient/recipients
- Hackers/cybercriminals
- Malware, ransomware, phishing, spyware, bots
- Distributed Denial of Service Attacks (DDoS)
- Theft of devices/computers
- A failure to securely lock filing cabinets
A data breach incident involving Blackbaud, a database service provider for many universities, happened in 2020. The University of Sussex was one of the higher education facilities negatively impacted by the breach. The Uni contracted Blackbaud to manage its database of contacts, including alumni.
However, Blackbaud fell victim to a ransomware attack. More on this can be found in the section below which goes into the breach in greater detail.
If you can show that you’re the victim of a University of Sussex data breach, you could have grounds to sue for compensation if you suffer damage to your finances or mental health.
A member of the Legal Expert team can assess whether your case is valid. If it is, you would be offered the chance to pursue a claim on No Win No Fee terms by one of our data breach solicitors.
To speak to an adviser, please call the freephone number at the top of this page to receive free legal advice.
Breaches In The GDPR
The EU’s General Data Protection Regulation (GDPR) was ratified into UK law when the Data Protection Act came into force in 2018. There are seven principles that all organisations that collect personal data must abide by. These are:
- Only necessary personal data should be collected, processed, and stored
- Personal data must not be used for any other reason than the purpose it is collected for
- Data controllers must be fair, transparent, and abide by the law
- The personal data must be securely kept
- Only the minimum of personal data should be collected
- Personal information must be accurate and kept up to date
- Data controllers should be held accountable in cases of breaches
If a university (the data controller) fails to keep your personal information secure as a result of a breach, you could sue for compensation if you can prove it was their fault and you suffered damage as a result.
A member of the Legal Expert team will answer any questions you have. They will provide free legal advice on whether or not a data breach claim against the University of Sussex could be justified.
How The Blackbaud Cyber Attack Affected Sussex University
As previously mentioned, the University of Sussex was one of the many universities affected by the Blackbaud hack. The data breach occurred back in 2020 when the database service provider was the victim of a ransomware attack.
Blackbaud paid a ransom to the cybercriminals although the amount remains unknown. The cloud service provider was confident that all stolen personal data was destroyed. The hack is thought to have affected students, donors, staff as well as alumni.
Other universities affected by the Blackbaud data breach include:
- Loughborough University
- University of Leeds
- The University of London
- Reading University
- University College, Oxford
- Birmingham University
- De Montfort University
- University of Strathclyde
- The University of Exeter
- University of York
- Oxford Brookes University
If you can show that you were negatively affected by the Blackbaud data breach, please get in touch with an expert adviser who will assess whether you have grounds to sue for compensation. If so, we will walk you through the process of making a data breach claim. It’s likely that a claim would be pursued against Blackbaud as opposed to the university.
Source: https://www.bbc.co.uk/news/technology-53528329
Higher Education Data Breach Rates
Figures published by the Information Commissioner’s Office (ICO) reported the following data security trends:
- Between July 2020 and September 2020 the ICO received 336 reports of data breaches affecting Higher Education facilities
The report broke down these figures to include the following:
- Ransomware attacks – 29
- Phishing emails – 24
- Unauthorised access – 16
- Data sent to incorrect recipients – 84
- Paperwork/files lost or left for unauthorised people to see – 15
Redscan, the cyber-security firm published a report on university data cybersecurity, which found:
- Over half of the universities that answered a Freedom of Information request had contacted the ICO to report a data breach during the preceding 12 months. Each of the universities reported an average of 2 data breaches in a 12 month period (Source: https://www.redscan.com/news/state-of-cybersecurity-uk-universities-foi-report/)
If you would like information on how to go about making a claim for data breach compensation, please get in touch today. An adviser will assess whether you could make a data breach claim against the University of Sussex.
Cybercrime And Breaches Of Data Security
Universities like all other organisations that collect, process, and store personal data must abide by the law. Furthermore, a university should have robust cybersecurity in place because they can be the target of cybercriminals. The reason being that many universities carry out essential research, and hold sensitive information which cybercriminals could sell on.
Hackers and cybercriminals have more sophisticated tools at their disposal which allows them to gain access to sensitive information in the following ways:
- Phishing attacks are the most common and dangerous cybercrimes. Thousands of phishing emails are sent to universities every year
- Install spyware, malware, and ransomware
- Steal information
- DDoS attacks (Distributed Denial of Service)
If you are the victim of a data breach due to a cyber-crime, please speak to a member of our team today. An adviser can provide free legal advice on how best to proceed with a data breach claim against a university.
What The Victim Of A Data Breach Could Claim In Compensation
Under the General Data Protection Regulation and the Data Protection Act, you have the right to seek compensation when you are the victim of a data breach. As such, if you can show the university failed to keep your personal information secure and you suffered mental or financial harm as a result, you could seek data breach compensation.
You can claim for both material damage and non-material damage in a successful data breach claim against the University of Sussex as explained below:
- Material damages are awarded to compensate financial losses and other expenses
- Non-material damages are awarded to compensate for mental harm
Therefore, in a successful data breach claim against the University of Sussex, you could claim for the following:
- Emotional distress caused by a data breach
- Anxiety or stress
- Post-traumatic stress disorder
- Any financial losses you incurred because of the data breach
- Damage to your credit ratings
To find out if you have a valid data breach claim against the University of Sussex, please contact Legal Expert today. All claimants who contact us benefit from an initial, no-obligation consultation which is free of charge.
Settlement Calculator For Data Breaches At Sussex University
You may be asking what compensation payout could be awarded in a successful data breach claim against the University of Sussex. It is worth noting that all claims are unique. As such, without detailed information on how a breach affected you, providing an accurate idea of a compensation payout is challenging.
That said, we have included a table that provides a general idea of how much data breach compensation could be awarded in a successful claim.
Type of Harm Caused by a Data Breach | Severity of harm | General Damages Awarded to Claimants – Judicial College Guidelines (JCG) | Further Notes |
---|---|---|---|
Psychiatric injury/harm caused to a claimant because of a data breach | Severe | £51,460 to £108,620 | Prognosis is poor and claimants experience symptoms that could be permanent. Vulnerability is an issue and an ability to lead a normal life is negatively impacted |
Psychiatric injury/harm suffered because of a data breach | Moderately Severe | £17,900 to £51,460 | Claimants suffer the same symptoms as detailed above. However, their prognosis is a lot more positive |
Psychiatric injury/harm caused by a data breach | Moderate | £5,500 to £17,900 | Claimants experience the same symptoms are detailed above, but the prognosis is a more positive. Claimants are seen to have marked improvements with treatment and therapy suffer much like those detailed above but with a much better prognosis |
Psychiatric injury/harm caused by a data breach | Less Severe | Up to £5,500 | Mild symptoms of stress, anxiety or depression that resolve in full within a short space of time. |
Post-Traumatic Stress Disorder (PTSD) | Severe | £56,180 to £94,470 | Claimants are unable to work due to PTSD or function as they did before the data breach happened. Symptoms will may be permanent and could having a devastating effect on a claimant’s future life |
For a more accurate idea of how much your own data breach claim might be worth, please get in touch with Legal Expert.
How Do I Choose A Data Protection Breach Solicitor?
You do not have to use a solicitor to make a data breach claim against the University of Sussex. However, this type of claim is often complex and there are legal protocols to follow. As such, many claimants choose to have the legal expertise of a data breach lawyer when seeking data breach compensation.
There are many advantages to working with a solicitor when you make a data breach claim which includes:
- Not having to worry about understanding the many legal terms associated with data breach claims
- Getting legal assistance in gathering enough evidence to support a claim
- Knowing the solicitor will work hard to secure the right compensation payout for you
An experienced Legal Expert data breach lawyer will ensure the case runs smoothly from the outset. Not only this, but our lawyers also offer claimants with valid data breach claims No Win No Fee terms. This means you do not have to worry about paying for legal representation upfront. The only time you pay a No Win No Fee lawyer is when you win your case and you receive compensation.
When you contact one of our advisers they will provide free legal advice on how best to proceed with a claim.
To discuss your data breach claim against the University of Sussex with a member of the Legal Expert team, please call the number at the top of the page. All calls are free of charge and should you not wish to pursue a claim, you would be under no obligation to do so.
No Win No Fee Sussex University Blackbaud Data Breach Claims
Many people worry about the cost of legal representation which can prove expensive if you contact a firm of solicitors who do not offer No Win No Fee terms.
When you get in touch with Legal Expert, the first thing we do is assess your claim. If we find you have strong grounds to sue for data breach compensation, you would be offered No Win No Fee terms by one of the solicitors on our panel.
No Win No Fee agreements allow you to file for compensation without having to pay a solicitor any upfront or ongoing fees. A ‘success fee’ is only payable if you receive data breach compensation.
A No Win No Fee claim works as follows:
- You will be sent a No Win No Fee Agreement which is a legal contract between you and the solicitor who agrees to represent you. Once you return the signed contract back to the solicitor, they can begin work on your case
- In a successful case, your No Win No Fee solicitor will deduct their ‘success fee’ from the amount you are awarded before sending you the balance. This is a small portion of your award and is capped by law
- If you lose your data breach claim against the University of Sussex, you will not have anything to pay the solicitor who represented you on a No Win No Fee basis
To find out whether one of our solicitors could take on your claim on No Win No Fee terms, please get in touch with one of our advisers today to benefit from free legal advice.
Talk To An Expert
If you are ready to begin a data breach claim against the University of Sussex, or you have questions about a claim, please get in touch with a member of the Legal Expert team today. You can reach an adviser in the following ways:
- Call our freephone telephone number – 0800 073 8804
- Fill out our online claim form by clicking here
- Send an email at – info@legalexpert.co.uk
- Use our Live Chat
We offer everyone who contacts Legal Expert a free, no-obligation consultation. This allows you to ask questions and for an experienced adviser to assess your data breach claim.
Resources On Breaches In Data Protection
Before we leave you, we’ve included links to some other resources on data breach claims which you may find useful.
Information about the Data Protection Act 2018:
Reporting a data breach to the ICO
How to report a data breach to the ICO
Claiming compensation for psychological harm
£250,000 Compensation for a Psychiatric Injury
A guide to employer data breach claims
Claiming employer data breach compensation
Our guide to lost personal data:
Other Useful Guides
- University of Northampton Data Breach
- University of Portsmouth Data Breach
- University of Salford Data Breach
- University of Sheffield Data Breach
- University of Southampton Data Breach
- University of Suffolk Data Breach
- University of Surrey Data Breach
- I Suffered Stress Due To A Data Breach, Am I Eligible To Claim Compensation?
- University of the Highlands And Islands Data Breach
- University of the West of England Data Breach
- University of Warwick Data Breach
- University of Westminster Data Breach
- University of Winchester Data Breach
- University of Wolverhampton Data Breach
- University of Worcester Data Breach
- Watford Community Housing Data Breach
- Whitbread Data Breach Compensation Claims
- Wiltshire Council Data Breach
- Wolverhampton Council Data Breach
- Wrexham County Borough Council Data Breach
- Lost and Stolen Devices Data Breach
- Virgin Media Data Breach Compensation Claims
Thank you for reading our guide on making a data breach claim against the University of Sussex.
Guide by Wood
Edited by Billing