Skip to content 
We've been featured in:
Last Updated 19th May 2025. Can you claim for a joint bank account data breach? What do you do when security systems or staff error in a financial institution fails? Can you be compensated if cybercriminals are able to access the personal banking details of you or your partner and steal funds from your joint bank account?
We hope that banks will keep our information safe. But data breaches can happen easily if the legal requirements to keep it safe are not applied. In this guide, we define exactly what constitutes a data breach. We look at what you and your partner can do to be compensated for both your financial losses and the anguish caused if your financial information is breached due to failures to comply with the UK General Data Protection Regulation and Data Protection Act 2018
You can discuss your bank data breach suspicion in complete confidence with a member of our team right now if you would prefer. Simply:
A joint bank account data breach can be when personal information that relates to your financial dealings is involved in a security incident either by being:
Breaches can make it easier for criminals to commit fraud and identity theft. The data breach can be an accidental human error or a deliberately negligent act or the result of outside cybercriminals who have managed to infiltrate the bank’s security defences.
The Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR) describe detailed procedures that all organisations and businesses must follow if they process personal data. This is to ensure that errors with data are kept to an absolute minimum and that the data rights of a data subject are as protected as much as possible.
In order to uphold a claim for a personal data breach, it is necessary to show that there was ‘positive wrongful conduct’ on the part of the data controller – those organisations that say why and how data is processed or data processors.
An independent body called the Information Commissioner’s Office (ICO) is set up to uphold information rights. It has the power to issue fines against any data controller that fails to adhere to good data practices as identified in the Core Principles.
Banks and building societies need to retain a great deal of personal information about us. We provide this information on the trust and understanding that they have the required procedures in place to protect it. Some examples of this data include:
Banks may need to retain copies of these items and share them across their own internal departments. Each time an employee encounters your personal information they are bound by UK GDPR law to take personal accountability for the way it is handled.
The ICO gives a detailed record of enforcement action taken against organisations and businesses for data breach issues or mishandling of personal information. Financial services feature heavily and some recent examples include:
Statistics from the cyber data breaches and attacks survey offer an insight into the data security issues. The survey included 1,419 businesses: 741 micro firms, 265 small firms, 210 medium firms, 203 large firms and 487 charities.
You or your partner may have a concern that a bank has not handled your personal information with the lawfulness and protection required by UK GDPR. If so, you can start to assemble proof of this for a joint bank account data breach claim.
Requesting and assembling the relevant proof can be complex. Although you are able to do this yourself, the help of a legal professional with data breach experience can be vital. Speak with our team for help on this if you wish. Steps to take when beginning your joint bank account data breach claim include:
Any significant breach in personal data needs to be reported by the data controller to the ICO within 72 hours of discovery. They may or may not investigate. Furthermore, the ICO does not pay compensation to you, but you can complain to them directly about your bank if you discover a problem and wish to involve them. Their involvement can add much-needed support to your complaint.
If you can prove that your bank mishandled personal information in a way that damaged you, speak to our team.
After a Court of Appeal case Vidal-Hall v Google, it was recognised that it is possible to suffer emotional anguish after a data breach, irrespective of whether you suffered financial loss. The two are no longer necessarily connected in a claim for damages and you are now able to seek either one or both.
With this in mind, it is still essential to have evidence that proves the emotional and financial damages. Non-material damages relate to the stress or anxiety the data breach caused you and how it damaged your health.
They can therefore be monetarily assessed using the same tool used for other personal injury compensation claims called the Judicial College Guidelines. An example of their award brackets for mental distress shows:
| Psychiatric Harm Severity | JC Guideline Brackets | Supporting Notes |
|---|---|---|
| Mutliple injuries and special damages | Up to £500,000+ | Multiple injuries with the associated financial impact |
| Psychiatric Harm - (a) that is severe in nature | £66,920 to £141,240 | Extensive mental health issues with very poor future prognosis |
| (b) Moderate to severe in nature | £23,270 to £66,920 | Less acute than the bracket above, but still significant with ongoing coping problems |
| (c) Moderate in nature | £7,150 to £23,270 | A better prognosis that show a marked improvement over time |
| (d) Less Severe in nature | £1,880 to £7,150 | Takes into account length of condition, and extent to which daily activities are impacted |
| Post-Traumatic Stress Disorder (PTSD) - (a) Severe in nature | £73,050 to £122,850 | Permanent impact that prevents the person from resuming a normal life |
| (b) Moderately Severe in nature | £28,250 to £73,050 | A better prognosis than above after professional intervention but disability remaining for foreseeable future |
| (c) Moderate in nature | £9,980 to £28,250 | Overall a good recovery with ongoing disability being minor |
| (d) Less Severe in nature | £4,820 to £9,980 | A full recovery within 12 - 24 months and a persistence of only mild symptoms |
These are not certain awards, merely guidelines. However, if you or your partner can demonstrate mental health suffering to a similar level because of the data breach, you could apply for a similar amount in damages.
Material damages are the actual financial losses that you suffered. This can be either from the joint bank account data breach itself or your need to spend money trying to deal with it. For example, in a severe case, you may have needed to completely relocate. Or put your children in another school due to the invasion of privacy. Retain all proof of costs as these could form part of your total compensation award.
One of our expert solicitors could help you to make a joint bank account data breach claim. You are not legally obliged to work with a solicitor in order to make a compensation claim. However, you could be eligible to access these incredible services:
Our solicitors have already helped our clients to gain over £80 million in compensation so far. If you are eligible to proceed, they will provide you with the customer-focused services we have mentioned and draw on decades of combined experience to help you gain compensation.
Get in touch with our advisors today to find out if you can claim for a data breach on a joint bank account. A compensation award could help you recover from the mental and financial impact of a data breach. We offer advice with no strings attached, so reach out today for more information.
At Legal Expert, we can provide No Win No Fee data breach solicitors. This affords you several instant advantages:
Data breach cases can be complex. Assembling the right proof to show the bank was at fault can also be time demanding. Whilst anyone is free to represent themselves in data breach claims against a bank, it is worth considering the ease and convenience a professional can bring to your case. If you would like to learn more, please get in touch by:
In addition to joint bank account data breach topics, the following resources offer more reading on the subject:
