Has my personal data been breached?
There are a number of ways you may become aware that your personal security data has been breached. Under the rules of GDPR, organisations guilty of breaching your personal data must tell you about the breach (unless the breach is unlikely to cause you any loss). You may find out about a personal data breach because:
You are notified about the data breach
- You have received an email or communication from an organisation notifying you of the breach.Whenever a large data breach happens, affecting hundreds or thousands of individuals, the company will send the affected individuals a standard notification about the breach.They will usually include details of when the breach occurred; how it happened; what data was breached; the steps taken to remedy the breach; and they may suggest that you seek independent legal advice. They mention this because an organisation has a duty to inform you of your rights; if you have received a communication of this type and if you have suffered because of a breach, this is helpful evidence to support you if you decide to make a claim for compensation.
You hear about the data breach
- You have heard/read about a data breach involving an organisation to which you have given your personal data in the past.Sometimes, organisations don’t notify individuals about a breach; this may be accidental, or they may have been unable to get in touch with you.If you hear about a breach which may affect you and your personal data, you should contact the company and find out whether your data was included in the breach which you have read about. You should try to do this in writing so that you have written evidence confirming that your data has been breached.
You regularly receive junk emails
- You are receiving a large amount of junk emails.This could indicate that your data has been breached. However, if you have received no notification, it is impossible to know who is responsible for this. If you are receiving junk email regularly, you can check whether your data has been breached on websites such as Have I been Pwned?. This website allows you to enter your email address and will check to see if your personal data has been breached and by whom. The results of the search will tell you if your data has been breached; when this happened; what data was affected; and the name of the company in breach. With this information, you should contact the company (in writing) to confirm if your data has been breached.You should be aware that you can only make a claim for compensation if the breach occurred within the last six years. If the breach happened more than six years ago, you will not be able to make a claim. However, if the breach occurred within the limitation period and the organisation confirms the breach in writing, then this can be used as evidence to support you in a claim for compensation.
You receive scam emails
- You might have received a scam email from an unknown person claiming to know personal information about you and demanding payment of money or this information will be revealed.This sort of email can cause serious distress and if they are convincing enough, you may be tempted to meet the demands if the blackmailer.If you have received an email of this type, we would advise you to check whether your data has been breached as set out above. If this has happened to you, you can read more about scam emails here.
We understand how distressing it is to hear that your personal data has been stolen, misused or lost by a company. Data breaches aren’t just limited to private companies and they can also be committed by public companies including educational institutions, police and criminal justice system, governmental bodies or medical practitioners.
If you have found out that your personal data has been breached by a public or private company, DRM Legal is here to help. Get in touch for advice on how to make a claim or complete our simple claim form here.