
What to do when your manager or employer shares your personal information with other employees UK
Have you suffered emotional distress or financial harm as a result of your employer sharing your personal information? If so, you could be eligible to
Are you a USS member who had an account of Capita before the 31st of March 2023? If so, then there’s a high chance that your data was breached alongside 370,000 other members. Contact us today to join them in their compensation claim against Capita.
Data breaches have been featured in
£4,000 Average Claim
Customers, on average can claim up to £4,000+ from incidents of data breach
Free Expert Advice
Experts are ready and waiting to advise you in any way you need
No win, no fee
All solicitors work on a no win, no fee basis. 100% free, unless your claim is successful
60 second check
It only takes 60 seconds to begin your check for a potentially huge payout
No risk involved
There’s no risk in checking. It will not affect your credit score and it’s free
The USS, or Universities Superannuation Scheme, is one of the largest private pension schemes for universities and other institutions within higher education in the United Kingdom. Capita is a business that provides valuable administrative support for the USS and other pension schemes.
On the 31st of March, Capita noticed that there were unauthorised individuals accessing their server. Three days later, on the 3rd of April, Capita announced confirmation of the cyber attack but claimed there was no evidence of customer data being accessed and/or copied.
However, after beginning an investigation, it was discovered that the hackers had indeed done just that. The records that had been accessed and/or copied date back to 2021, totalling a whopping 370,000 members having potentially had their information leaked.
This means Capita failed to keep the personal information of their members safe as per the Data Protection Act 2018, meaning they are open to compensation claims from affected people.
On the 31st of March, files as far back as 2021 were accessed and may have been copied. Capita has stated that the likelihood of attempted identity thefts as a result of this breach is low, but the following is what has been leaked:
At the time of the announcement, the finer details of the breach was unclear, such as when it happened and how. However, since then, not only has information on a second breach become available.
We will go over the details of both breaches below.
Capita’s March 2023 breach was a massive one, and will likely damage the company beyond recognition.
The breach affected members of over 60 pension schemes.
Of all these schemes, the largest by far is the USS Scheme. With over 370,000 members affected, the scandal is often referred to as the USS Data Breach at times.
Are you a member of any of the companies affected? If so, you should get in contact with us ASAP to see if you are viable for a data breach.
Despite only being two months away from one of the largest data breaches in 2023, Capita had another incident that caused panic in the government.
It was found that Capita had been keeping sensitive information regarding benefits on publically accessible channels.
This prompted many local authorities to scramble and put their security into overdrive, as they were under the belief that the data of their organisations, and the clients which used them, was compromised.
Compensation claims for data breaches aren’t limited to those who have suffered financial losses. Numerous claims have been initiated due to emotional distress caused by the breach. Indeed, the potential harm from, for instance, the disclosure of your home address, can lead to significant stress and hardship, thereby justifying claims solely based on emotional distress.
An example of this is the fairly infamous “Vidal-Hall vs Google 2015”, which was a landmark ruling in the UK in the data breach realm. Through illegally accessing and placing trackers on others’ computers, Google was able to target specific advertisements towards the victims.
Although this doesn’t sound like a massive deal to the average person, it was to those affected. This is because the people who had their data breached underwent a large amount of emotional distress from the targeted campaign. As a result, the UK Court of Appeal ruled in their favour, claiming that even if you do not lose financial or material damage, you can still receive compensation for your pain.
This decision marked a significant change in the UK Law regarding data breaches, increasing the level of care many organisations that hold personal data had when dealing with it.
The Data Protection Act 2018 represents the UK’s adaptation of the General Data Protection Regulation (GDPR). It’s a thorough architecture for data protection law in the UK, replacing the previous 1998 Data Protection Act.
The main facets of the Data Protection Act 2018 encompass:
Failure to comply with the Data Protection Act 2018 can lead to substantial fines. Therefore, it’s crucial that businesses comprehend their responsibilities under this law and take necessary measures to ensure compliance.
Want to know if you qualify? It’s simple and takes only a moment of your time. Just complete a brief form with some basic information, which will then be sent to a professional data breach claims handler.
If you’re concerned about the cost of such specialised service, rest assured – all our legal experts handling data breaches operate on a no-win, no-fee basis.
This implies that initiating a claim will not incur any out-of-pocket expenses for you. A service fee is only charged upon a successful claim, and this is deducted from your compensation sum.
Don’t delay. Take the first step towards potential compensation by signing up for a free consultation today.
USS Members released a statement on their website regarding the issue:
“Capita recently reported a cyber incident involving hackers targeting some of its computer servers – potentially impacting several of the cross-sector businesses it serves. We use Capita’s technology platform (Hartlink) to support our in-house pension administration processes and have been liaising closely with the company over the course of its forensic investigations.
While it has been confirmed that USS member data held on Hartlink has not been compromised, we were informed on Thursday 11 May that regrettably details of USS members were held on the Capita servers accessed by the hackers. The information potentially accessed includes: Their title, initial(s), and name; their date of birth; their National Insurance number; their USS member number Capita have also informed us that retirement dates were contained in the files. The details, dating from early 2021, cover around 470,000 active, deferred and retired members. While Capita cannot currently confirm if this data was definitively “exfiltrated” (i.e., accessed and/or copied) by the hackers, they recommend we work on the assumption it was. We are awaiting receipt of the specific data from Capita, which we will in turn need to check and process.
Members will be given access to a leading identity protection service, free of charge, and we will be writing to them as soon as possible setting out how that will work. We have published an update on the USS website and have provided the following Q&As, which we hope will address any immediate questions members may have. Members can also email mydata@uss.co.uk if they have any further queries not covered on www.uss.co.uk. We are proactively engaging with Capita in respect of their ongoing investigations and are considering the next steps available to us. We also continue to engage with them about the ongoing support they will be providing to those affected. ”
Capita claims that they cannot confirm whether or not the data was tampered with, but this still puts a lot of people in a poor predicament. After all, instead of anything conclusive, those who had their information tampered with are now faced with not knowing what the level of danger is. As such, we agree with Capita’s own recommendation – to proceed to assume there’s a serious threat to people’s security.
Since the 31st of March, until confirmation of the breach’s effects had been announced, there were 48 days that had passed. Capita claimed to be investigating during this time, but we have to wonder just how much time really would’ve been needed to uncover what was and wasn’t accessed.
Free Consultation
We offer a free data breach consultation to anyone who is looking to make a claim
No win, no fee
If your case or cases have no financial payout to you, you don’t pay a single penny
Data breach experts
We use dedicated data breach solicitors who have handled thousands of data breach claims
Peter is a solicitor who has worked as a professional litigator for 3 years. More recently Peter has specialised in data breach compensation claims and over the last 2.5 years has gained a wealth of knowledge in this sector. Peter now works with us to share his knowledge and inform the general public.
Data breaches have been featured in the national press.
Click one to see more.
Have you suffered emotional distress or financial harm as a result of your employer sharing your personal information? If so, you could be eligible to
In this guide, we will explain the steps you could potentially take should your personal data be compromised in an NHS data breach. For compensation
Every week it seems as if another data breach is reported in the news. With so much of our personal information held online and by
Alternatively, give one of our solicitors a call free on 0333 241 2521
Lines open 9am – 5pm Mon to Fri
Data-Breach.com has dealt with over 14,000 data breach enquiries
Our lines are open 24/7
Egerton House, 2 Tower Road, G5D, Birkenhead CH41 1FN
© DataBreach Claims 2023. Data Breach Claims is a trading name of JF Law Limited company number 09222224. JF Law are registered and regulated by the Solicitors Regulation Authority (SRA Number: 619586) and with the Law Society. This website is operating in accordance to the privacy policy. Data Breach Claims connects clients to regulated solicitors who deal with data breaches. We do not perform any legal services but simply connect you to a legal representative.