EasyJet Data Breach: 9 Million Customers Exposed

The personal details, financial information, email addresses and travel information of nine million customers have been exposed after the budget airline EasyJet was hacked. In addition 2,208 customers have had their credit card details stolen.

If you have been a victim, you may have already received an email directly from EasyJet. EasyJet have promised to notify all customers affected no later than 26th of May 2020.

We have already received hundreds of enquiries from concerned EasyJet customers. If you have received an email confirming that your data was exposed you are eligible to make a claim for compensation. It does not matter if you haven’t suffered financial loss or emotional distress, the mere fact that your data has been exposed permits you to make a claim. Please complete our online claim form in less than 2 minutes to start your claim today. 

If you are a victim of the EasyJet data breach it is important that you are vigilant to any unauthorised use of your accounts and phishing scams. Please update your passwords and be wary of any unsolicited contact from third parties

Lloyd v Google: No Need to Prove Loss or Distress

The Court of Appeal have allowed the appeal of Lloyd v Google exciting many lawyers in the sector.

The decision has a major impact on class action cases but the Court also clarified the position with respect to claiming compensation for damages after a data breach has occurred.

A victim of a data protection breach had to prove that the breach had caused financial loss and / or distress. The Court of Appeal decision effectively changes this position and allows the victim to claim compensation for damages without the need to prove a financial loss or distress. This means that if an organisation breaches data protection laws, the loss of control of an individual’s data is itself enough for which compensation can be claimed.

The risk of exposure, for businesses who do not properly protect customers’ data, is now huge.

However, the story does not end here. Google have already stated their intent to appeal to the Supreme Court. Watch this space…

What is a Data Protection Breach?

Advice on identifying a Data Breach

Article 4 of the General Data Protection Regulation (GDPR) defines a data protection breach as “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.” This definition is quite broad and therefore it is important that you can identify when a data breach has occurred no matter how minor the breach may seem. It is also important that you are aware of your rights.

Personal data breaches are:

  • access by an unauthorised third party
  • deliberate or accidental action or inaction by an organisation
  • sending personal data to an incorrect recipient, for example an email or letter
  • theft of personal data
  • alteration of personal data without permission

Here are some practical examples:

The theft of an organisation’s customer database, the data of which may be used to commit identity fraud. It is the organisation’s responsibility to keep your personal data safe and secure. If an organisation fails in this duty you have the right to make a claim for compensation. As result example of such a breach was the case involving British Airways in which the data of 500,000 customers was compromised.

A GP suffers a breach that results in an accidental disclosure of patient records. There is likely to be a significant impact on the affected patients because of the sensitivity of the data and their confidential medical details becoming known to others.

A school discloses the records of pupil which includes safeguarding measures to another pupil or parent. Again, this is likely to have a serious effect on the pupil in question and is likely to cause a great deal of distress and anxiety.

An organisation disclosing the name, address and contact number to a third party organisation without the permission from the individual in question. The third party organisation then use the personal data to make nuisance sales and marketing calls for an extended period of time.

A bank accidently sends an email containing the account details of a customer to the wrong recipient. This has the potential to cause serious financial problems for the customer given the risk of cybercrime and identity theft.

Data protection breaches can cause financial harm as well as distress and psychological harm in the form of anxiety, worry, embarrassment or feelings of violation.

Financial Harm

If your personal data has been breached you could find your self a victim of identity theft or cyber theft. Criminals could use your identity to open bank accounts or credit cards or they could use your personal data to steal from your bank account, credit cards or any other online payment method. It is important to keep yourself safe from online threats however if you have been a victim of identity or cyber theft, we can help.


Regardless of whether you have suffered any financial loss you can still make a claim if the data breach has caused you distress.
Data protection breaches can have a significant impact on the victim. If you have suffered from upset, anxiety, embarrassment or the breach has caused you physical injury or symptoms, please complete our claim form and we will help you claim for compensation.

If you have been the victim of a data protection breach you have the right to compensation. Get in touch via our website and our team will review your claim and start the compensation process.



Mis-Sold Solar Panel Systems

Installers Mis-Sold Thousands of Solar Panel Systems

We are currently working with clients who were mis-sold a Solar Panel System within the last six years.

From 2013 there was a huge increase in residential property owners buying Solar Panel Systems in the hope that they would help the environment and save money on their energy bills whilst earning an income from feed in tariff (“FIT”) and export tariff payments from the energy provider.

These systems were expensive and could cost anything up to £10,000.00 so the installers of these systems offered their customers a finance package to fund the costs of the system. The installers would act as an agent of the bank and get the customer signed up to a fixed sum loan agreement. The customer would a monthly direct debit to pay for the system over a set period.

Many customers were signed up to loan agreements that last 10 years with a 9.9% APR.

Many of customers purchased systems on finance based on the promises or representations made by the installer. The most common representations were that the system would ‘’pay for itself’’ or that the system was ‘’self funding’’ or that the monthly income from the FIT and export payment along with the bill savings would “offset” the monthly direct debit loan payment.

However, this is simply not the case. Our clients have experienced poor performance from their systems with little returns. In addition to the lack of financial returns many of our clients have suffered property damage as a direct result of the installation of the system.

If you have purchased a solar panel system and believe that your installer mis-represented the performance and returns of the system we can help you make a claim even if the installer has now gone out of business.

If the company you bought the system from has gone out of business but you took out finance (used a credit card or took out a loan) to pay for the system, you can still make a claim under section 75 of the Consumer Credit Act 1974. The Act allows you to pursue a claim against the finance company. This also applies to customers who paid, or part paid, for the system using a credit card. Please note that you are only eligible to make a claim if your system was installed in the last 6 years.

If you feel that you have been affected by this issue complete our general enquiry form and we can help you pursue a claim on a ‘No Win – No Fee’ basis. We will aim to hold the installer and creditor to account and look to write off the loan and recover a refund for all payments made to date.

Estate Agent fined £80,000 for Data Breach

A London estate agents has been fined £80,000 for leaving over 18,000 customers’ personal data exposed.

Life at Parliament View Limited exposed the personal data when they transferred data from an internal server to an associated organisation. The firm failed to ensure the proper privacy functions were in place and in doing so left personal data exposed for over two years. This allowed anyone going online access to all the data stored from March 2015 to February 2017.

The personal data exposed included passports, bank statements, identification documents, salary information, addresses and dates of birth.

In investigation by the Information Commissioner’s Office (ICO) found numerous security failings and found that the firm had not taken the appropriate steps to ensure the data was properly protected. To add insult to injury, the firm did not inform the ICO of the breach until hackers contacted the firm.

There has been a number of large organisations in the news recently who have been subject to millions of pounds worth of fines for serious breaches of data protection. However, it is not just the larger organisations who are obliged to keep our data secure. The smaller firms we deal with every day also have a duty to keep our personal data safe.

If you have been a victim of such breaches of data protection, please complete our online enquiry form and one of our team will contact you within 24 hours.

#dataprotection #keepsafe #bedataaware #mayergoldman

Be Data Aware

Be Data Aware

Protecting yourself and your family from online cyber and data threats is extremely important.

Relatively small measures, such as changing your passwords regularly, can help keep you safe but it’s also important to be data aware. Do you know how your personal data is being collected and used? Since the introduction of the GDPR it is your right to know how organisations use your data.

You may have heard about the recent scandal involving Facebook and Cambridge Analytica. Using an app on Facebook called “thisisyourdigitallife” Facebook shared their customer’s personal data. This affected more than 1 million UK Facebook users. In April 2018, Facebook informed the victims of this breach via their messenger app.

Your personal data has become a commodity, almost everything we do on a daily basis involves sharing our personal data. It makes our lives a lot easier however you have the right to ensure that your data is secured and used legally.

Unfortunately, some organisations do not take the security of your personal data seriously. This can lead to GDPR breaches of data protection. If the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms, the organisation must also inform the victims of the breach without undue delay.

If you have fallen victim of such a breach, please get in touch so we may assist you in making a claim.. If you have suffered financial loss or distress you have the right to make a claim against the organisation responsible. Complete our claim form or request a call back from one of the team so we can start the claims process for you.

British Airways Data Breach