Advice On Claiming If Your Password Has Been Part Of A Data Breach

By Stephen Yutani. Last Updated 18th September 2024. If your password appeared in a data leak, this can be a deeply distressing time. That’s why we have created this guide to making a personal data breach after your password has been part of a data breach.

You’ll see information on what a personal data breach is, the evidence you can use to prove the organisation in question caused the breach, and how data breach compensation is calculated for the two types of damage you can claim for.

At the bottom of the guide, we examine the No Win No Fee contract offered by our expert panel of data breach solicitors, and why claiming for a password leak under such terms will be of great benefit to you.

Our advisors can assess your eligibility to claim data breach compensation for free, as well as provide further guidance on the claims process. Talk to us today using the details given here:

  • Call us on 020 8050 3051
  • You can also contact us through our website.
  • We also operate a live chat service that you can access on your screen now.

A man holding a digital sphere in his fingers that says 'data breach'.

Choose A Section

  1. What Is A Password Data Breach?
  2. Can I Claim Compensation For A Password Data Leak?
  3. What Should I Do If My Password Has Been Part Of A Data Breach?
  4. What Evidence Could Help You Claim If A Password Has Been Part Of A Data Breach?
  5. What Is Your Potential Compensation Payout?
  6. Why Seek Data Breach Compensation On A No Win No Fee Basis?
  7. Learn More About Using No Win No Fee Data Breach Solicitors

What Is A Password Data Breach?

A personal data breach is described as a security incident that impacts the confidentiality, availability and integrity of your personal data. As such, if your password is part of a data breach and this allows a third party to access your personal information, you may be able to claim.

Personal data can be defined as any detail that, used alone or in conjunction with other details, could reveal or infer your identity. Passwords have the potential to allow access to all this personal data. For example, your full name and email address can both be examples of personal data.

Personal data also includes special category data, which is information that is sensitive in nature, and, as such, needs added protection. This can include your trade union membership status, information regarding your sexuality, and health information. This includes information regarding your medical conditions.

Two pieces of legislation protect the data rights of UK residents; these are the Data Protection Act 2018 (DPA) and UK General Data Protection Regulation (UK GDPR).

These rights are enforced by an independent body called the Information Commissioners Office (ICO), which can investigate and issue penalties against organisations that fail to adequately comply with the UK GDPR and DPA.

Read on to learn more about the criteria for making a personal data breach claim, or get in touch to get started.

Can I Claim Compensation For A Password Data Leak?

Not every breach of data protection legislation will become a valid claim. This is because you must suffer harm due to a personal data breach to claim.

This means that the breach must be caused by wrongful conduct on the party of the organisation. For example, an instance of human error could lead to passwords being compromised by an email data breach.

It is also essential that the breach contains your personal data and that it causes you to suffer harm. This could be psychological harm, or financial harm.

You can start a personal data breach claim for up to six years following the breach. However, this will fall to one year if you intend to make a claim against a public body.

If your password has been part of a data breach, and this has allowed a third party access to your personal data, you may be able to claim. Contact our team today to learn more.

What Should I Do If My Password Has Been Part Of A Data Breach?

If you have been notifed that your password has appeared in a data leak then it’s important to take prompt action. A failure to do so could see you caught up in the impact of the breach, with your data accessible to unauthorised individuals.

The first and most important step is to change your password. If you have used the same password on other accounts or platforms, you should change these too.

It can also help to change your email address associated with the account for an extra layer of security.

Some accounts and platforms also allow you to enable two-factor authentication. This involves entering a code that is sent to your phone or device which you then enter to access your account. This can prevent people from accessing your details with just your email address and password.

What Evidence Could Help You Claim If A Password Has Been Part Of A Data Breach?

If your password has been part of a data breach and you intend to make a claim, gathering evidence to strengthen your case could be of help. You can collect this evidence by yourself or with the help of a solicitor.

Evidence that could be used to help strengthen your claim can include:

  • Any correspondence from the organisation regarding the data breach issue, such as a letter of notification.
  • Medical records that detail the psychological harm you have suffered due to the breach
  • Bank statements or credit card statements that financial harm caused by the breach
  • Correspondence with the Information Commissioner’s Office, such as an order against the organisation to pay a fine

A solicitor from our panel may be able to help you gather this evidence and could help you further strengthen your case. Contact our advisors today to learn more about how a solicitor could help you if your password has been part of a data breach.

What Is Your Potential Compensation Payout?

Two areas of potential compensation may apply that reflect the material and non-material harm caused. Non-material damage compensation addresses the impact the breach has on your mental health. For example, compensation for anxiety, depression, or PTSD following the breach would fall under this head.

The table below illustrates award brackets as listed in the Judicial College Guidelines (JCG), a document used often by legal professionals to help them value claims. This is because it contains guideline compensation amounts for various injuries and illnesses. The figures below relate to non-material damage compensation, but please note that they are guidelines only and not guarantees. Also note that the figure in the top row is not from the JCG.

Type of InjuryGuideline Compensation FigureNotes
Very Severe Psychological Harm with Significant Financial LossesUp to £500,000 and aboveThe injured person will have suffered very severe psychiatric harm in addition to substantial material damage
Psychiatric Harm(a) Severe - £66,920 to £141,240A poor prognosis for the impacted person and permanent issues in areas of work, personal relationships and education.
(b) Moderately Severe -£23,270 to £66,920 Significant problems that represent a long-standing health issue but with a more favourable prognosis than the bracket above.
(c) Moderate - £7,150 to £23,270Symptoms show a significant amount of improvement by the time of trial.
(d) Less Severe - £1,880 to £7,150This award bracket reflects the length of disability and how symptoms affect day-to-day activities.
Post-Traumatic Stress Disorder (PTSD)(a) Severe - £73,050 to £122,850The symptoms are so severe in this bracket that there is no ability remaining to work or function at the pre-trauma level.
(b) Moderately Severe -£28,250 to £73,050A significant level of trauma, but improvements are seen after professional treatment.
(c) Moderate - £9,980 to £28,250Largely a recovery with any persisting symptoms not being grossly disabling.
(d) Less Severe - £4,820 to £9,980Virtually a full recovery within a 1 - 2 year period and any remaining symptoms being minor.

Could You Claim For Material Damage When Seeking Data Breach Compensation?

As well as acknowledging the compensation for distress caused after your password has been part of a data breach, the financial harm you suffer is known as material damage. Material damage compensation can cover money that is stolen from your bank account, illegal charges to your debit or credit cards, and damage to your credit score.

For more help on calculating compensation, please contact our team of advisors today.

Why Seek Data Breach Compensation On A No Win No Fee Basis?

If you’re eligible to claim compensation because your password has been part of a data breach, then your case could be supported by a No Win No Fee solicitor on our panel. When a solicitor from our panel agrees to support your claim, they will offer what’s called a Conditional Fee Agreement (CFA).

Claiming because some of your passwords have appeared in a data leak with a solicitor under a CFA usually means the following:

  • You won’t have to pay your solicitor for their services before the data breach claim starts or while it is being processed.
  • You also usually won’t need to pay for your solicitor’s work if the claim fails.
  • If your claim is successful, then your solicitor will take a success fee as their payment. To cover this, the solicitor will take a small, legally capped percentage from your compensation. The legal cap provides a guarantee that you’ll get to keep most of your compensation.

Want to learn more about claiming with a No Win No Fee solicitor when your password has appeared in a data leak? Contact our advisors today to ask questions about working with a solicitor or about other steps of the claiming process. To reach our team, you can:

A keyboard with an extra key labelled 'security breach' sitting on top of it

Learn More

For more articles about personal data breach claims:

Or, for more helpful resources:

Thank you for reading our guide on what to do if your password has been part of a data breach.