Mortgage Company Data Breach Compensation Claims Guide – How Much Compensation Can I Claim? – Amounts For Mortgage Company Data Breach
By Lewis Cobain. Last Updated 12th December 2022. Whether you’ve been with a mortgage company for a number of years or you’ve just obtained your first mortgage, you may have given a mortgage company a lot of personal data. Mortgage companies require a lot of information to make decisions about mortgages, and they should keep the personal data you give them secure. But what happens if you are the victim of a mortgage company data breach? Could you claim data breach compensation from the mortgage company for financial or emotional damages? We answer this and many other questions in the below guide.
Banking data security is something that all financial service providers should take seriously. After all, banks and building societies have a legal obligation to protect the personal data they process. We explain more about the legal obligations these companies have in the sections below. In addition to this, we look at how a banking service data breach could happen, what kind of compensation you could receive. Finally, we offer some insight into how a solicitor from our team could help you get the compensation you deserve. If you’d like to speak to us about a data breach that has affected you, whether to start a claim or have your questions answered, we’re here to help. You can call our expert advisors on 0800 073 8804 at any time.
Select A Section
- A Guide To Data Breach Claims Against A Mortgage Company
- What Is A Mortgage Company Data Breach?
- Who are the top mortgage lenders?
- Does The GDPR Apply To Banks And Mortgage Lenders?
- Mortgage Company Data Breaches Reported To The ICO
- Reporting Of Data Breaches By Mortgage Companies
- How Could Victims Of Mortgage Data Breaches Be Compensated?
- Data Breach Compensation Calculator – How Much Is A Data Breach Claim Worth?
- Steps To Take If Your Mortgage Company Had A Data Breach
- How A Solicitor Could Help If Your Mortgage Company Suffers A Data Breach
- No Win No Fee Data Breach Claims Against A Mortgage Company
- Start Your Mortgage Company Data Breach Claim
Every organisation that processes personal data has a responsibility by law to protect it. Unfortunately, however, while many companies take great care to ensure the security of personal data, sometimes, a data breach could happen. Whether the mortgage company data breach you’ve become a victim of happened by accident, or due to a malicious cyber-attack, you could be eligible to claim data breach compensation for any harm suffered. We have created this guide to explain what you may need to know about making such claims, and show you what compensation you could claim.
Whether you’re looking for a data breach solicitor to help you with a claim or not, there is lots of information in the below sections to help you. We explain what could cause a potential FCA data breach, and what harm you could suffer because of it. We also look at the laws surrounding data protection, explaining how laws such as GDPR and the Data Protection Act 2018 could allow you to claim compensation for a personal data breach or a financial data breach. In addition to all this, we look at the types of compensation you could claim, and how we could help you.
Before we go ahead and explain what could constitute a mortgage company data breach, let us explain what is meant by personal data. According to the Information Commissioner’s Office, the UK’s independent authority for data rights, personal data is:
- Information relating to a natural (living) person that could identify that person
- Information relating to a natural (living) person that could be used in combination with other data to identify a person
Examples Of Personal Data
Examples of personal data could include:
- Phone number
- E-mail address
- Contact information
What Is A Data Breach?
A breach of personal data could happen due to a mistake by a member of staff. It could also happen if the company falls victim to a cyberattack, such as hacking. Other ways in which your personal data could be breached could include:
- Loss or theft of computer equipment
- Insufficient protection of your personal data online
- Mismanagement of personal data
By law, mortgage companies and other organisations should protect your data from such breaches. If they fail to do so, data protection law could allow you to seek data breach compensation for the detrimental effects of the breach. This could include any financial expense arising from a financial data breach, for example, if the breach has meant someone has been able to steal from you. You could also claim compensation for emotional harm you suffer because of the breach.
These are the top mortgage lenders in the UK by market share in 2019.
- Lloyds Banking Group
- Nationwide BS
- NatWest Group
- Santander UK
- HSBC Bank
- Virgin Money Plc
- Coventry BS
- Yorkshire BS
- TSB Bank
- Skipton BS
- Co-operative Bank plc
- OneSavings Bank Plc
- Bank of Ireland
- Leeds BS
- Metro Bank
- Principality BS
- Aldermore Bank
- Paragon Banking Group
- Kensington Mortgages Company
- Legal & General Home Finance
- More 2 Life
- Newcastle BS
- Aviva Equity Release
- Sainsburys Bank
- Danske Bank
- Foundation Home Loans
- Shawbrook Bank
- Vida HomeLoans
- Together Financial Services Ltd
- West Bromwich BS
Data is taken from this resource –
GDPR is the world’s strictest and most wide-reaching data security and privacy law in the world. It requires any organisation that processes personal data to protect it. The fundamental principles of GDPR are:
- Accuracy – organisations must keep accurate and up-to-date data
- Storage limitation – organisations must only store personal data for the shortest time necessary for its specified purpose
- Purpose limitation – organisations must explicitly specify the purpose of data processing.
- Transparency, fairness and lawfulness – organisations must be transparent with every data subject regarding how their data will be processed and they must process data lawfully and fairly.
- Accountability – organisations must be able to demonstrate compliance
- Data minimisation – organisations must collect only the data necessary for the purposes specified.
- Integrity and confidentiality – organisations must not risk data integrity, confidentiality, or security when processing it.
When it comes to the company supplying a mortgage, GDPR would apply to that company. After all, they would process your personal data for the purposes of supplying your mortgage. The Data Protection Act 2018 enshrines in law the UK’s application of GDPR. Section 168 of the Data Protection Act 2018 refers to a data subject’s right to compensation in accordance with Article 82 of GDPR. This means that data subjects that have been harmed by a mortgage company data breach materially or non-materially could potentially seek data breach compensation.
While there do not appear to be any specific GDPR breaches by mortgage brokers listed on the ICO website, some large financial firms have breached personal data.
For example, credit reference agency Equifax received a fine for a data breach in 2017 by the ICO. The incident that led to the £500,000 fine affected up to 15 million UK citizens. The ICO worked with the Financial Conduct Authority to investigate the breach and it was found that Equifax Ltd failed to take steps to ensure its parent company protected data sufficiently. This was in breach of 5 principles within the Data Protection Act 1998 including;
- Lack of legal basis to transfer UK citizens’ data internationally
- Poor retention practices
- Failure to secure personal data
EasyJet Credit Card Data Breach
According to reports, in 2020 over EasyJet customers’ data was breached, including their e-mail addresses, travel details and credit/debit card details. EasyJet notified the ICO of the breach, which was the result of a sophisticated cyber-attack. The stolen information included the CVV number of customers’ credit/debit card details, which could put customers at risk of financial fraud.
FCA Data Breach
Even the Financial Conduct Authority has declared, in response to a Freedom of Information request under the Freedom of Information Act, that it has breached personal data. The FCA breach involved the identity of those making complaints to the authority.
How Could Mortgage Companies Suffer Financial Data Breaches
There are many ways in which a breach of GDPR could happen to mortgage brokers and mortgage companies. A data protection breach could occur because:
- Mortgage documents are sent in error to an unauthorised person
- A mortgage company suffers a loss of data in a cybersecurity attack
- A hacker launches a malware, ransomware or DDoS attack
- Hardware containing personal information is lost or stolen
Whatever the nature of a data breach, if it causes you harm, you could be eligible for data breach compensation. If you’d like us to assess your case to see if you could claim, we would be happy to help.
If you would like to take action after suffering a mortgage company data breach, you may need to complain to the company first. According to the ICO, if you would like to complain about a mortgage lending data breach, or a financial data breach, you could simply write to the organisation that breached your data. You should include as much information as possible about the breach.
If the organisation doesn’t respond satisfactorily or doesn’t respond at all, you could notify the ICO. However, you should do so quickly, as an undue delay in notifying the ICO could mean they don’t investigate. For example, if you had a mortgage data breach in 2019, and hadn’t notified the ICO within 3 months of the last meaningful contact with the organisation, they would be unlikely to investigate.
Taking Legal Action
You are not required by law to have a data breach solicitor if you do not want one. However, they can bring huge benefits as they will have the experience needed to file the claim in full. If you would like to see if you have a valid case for data breach compensation call our advisors today. Through a no-obligation consultancy, they can provide free advice.
There are two types of damages that can be claimed in a data breach case. This could be financial damage, or non-material damage.
If, for example, a financial data breach led to someone being able to steal from you, you could claim compensation for the financial cost of the theft. Or, if a banking data breach had meant someone being able to make fraudulent purchases in your name, you could claim for the expenses you incur as a result. You would need to provide documentary evidence of this. Therefore, it would be wise to keep all these documents safe. If you can’t provide evidence that you’ve suffered financial harm, you won’t be able to claim for it.
Non-material damages could include loss of privacy, and it could also include psychological harm. A legal precedent was set in 2015 to allow for such claims. The case we refer to is Vidal-Hall and others v Google Inc  – Court of Appeal, in which a judge discussed compensating victims of data breaches for psychological injuries caused by a breach. This means that you could claim data breach compensation for anxiety, distress, stress or depression caused by a breach of your personal data.
You may be wondering, ‘how much is a data breach claim worth?’. Since each data breach case is unique, we cannot provide an average compensation amount. A data breach compensation calculator may give you insight into how much your claim could be worth, though it may not be able to show you what you could receive for any material damage.
Our table below features figures from the 16th edition of the Judicial College Guidelines (JCG). Updated in April 2022, the JCG includes compensation amounts for different types of psychological injuries. Legal professionals use the JCG to help value non-material damages.
|Injury type||Compensation Bracket (Approximate)||Level of severity|
|General psychological injury||£1,440 to £5,500||Less severe|
|Post-traumatic stress conditions/PTSD||£3,710 to £7,680||Less severe|
|General psychological injury||£5,500 to £17,900||Moderate|
|Post-traumatic stress conditions/PTSD||£7,680 to £21,730||Moderate|
|General psychological injury||£17,900 to £51,460||Moderately severe|
|Post-traumatic stress conditions/PTSD||£21,730 to £56,180||Moderately severe|
|Post-traumatic stress conditions/PTSD||£56,180 to £94,470||Severe|
|General psychological injury||£51,460 to £108,620||Severe|
If you have any further questions about data breach compensation amounts for the UK, speak to our advisors for free legal advice.
If your mortgage company has had a data protection breach, whether it has breached your banking data security or not, having a solicitor on your side may be the difference between winning or losing your case. When making a claim for compensation it is key to have as much supporting evidence as you could collect. That way your case has a more likely chance of succeeding if you can back up your claims.
If you suffer psychological or financial harm because of a mortgage lender data breach, you could seek data breach compensation. But only if you have suffered as a consequence. As we mentioned, you do not necessarily need to use a data breach lawyer to claim for a mortgage lending data breach. However, there are several reasons why many claimants prefer to have assistance from a data breach solicitor. These could include:
- Not having to take on the (sometimes complicated) legal paperwork required to prove your claim
- Ensuring you have the strongest case possible for compensation
- Making sure legal paperwork is submitted before a claim becomes time-barred
- Ensuring you claim for everything you’re eligible for
- Negotiating the highest settlement possible for your case
- Supporting you through the process if your case goes to court
How We Could Help
Here at Legal Expert, our expert advisors could help you if you’ve been affected by a mortgage company data breach. Our freephone helpline instantly connects you with our expert advisors, ready to talk to you about your claim. We could conduct a free eligibility check with no obligation for you to use our services. We could also answer any questions you might have about claiming. If we believe you could be eligible for compensation, we could provide you with specialist solicitors to help you. We have superb reviews and have helped many claimants successfully get the compensation they deserve. We’d like to help you do the same.
If you’re intending to make a claim and would like a data breach solicitor to help you, you may worry about the costs. However, all of our solicitors work under No Win No Fee terms, which means you wouldn’t pay them until your claim ends and compensation comes through.
How Do No Win No Fee Financial Service Data Breach Claims Work?
The process generally works as follows:
- Your data breach solicitor sends you a No Win No Fee Agreement, detailing the level of success fee you’d pay if your claim ends in compensation. The fee is usually a small percentage of your mortgage company data breach compensation payout. It is subject to a legal cap.
- You sign and send back the agreement. Your data breach solicitor begins work on your banking service data breach claim.
- Once they negotiate compensation for you, and the payout comes through, they deduct the success fee, and the rest is for your benefit.
- If your claim ends without compensation, you don’t pay the success fee or your solicitor’s costs.
Would you like to speak to us about No Win No Fee claims in more detail? If so, we’d be happy to chat with you. If you’d rather read our handy guide to No Win No Fee claims, you can find it here.
Are you ready to start claiming for a mortgage company data breach? Perhaps you have questions about getting a data breach solicitor or the claims process itself. Or maybe you’d like us to check your eligibility to claim. Whatever you need, we’re here to help. There are lots of ways for you to reach us too, including:
However you prefer to get in touch, we’ll be delighted to help you.
Can A Data Breach Solicitor Help With Data Loss? – If your data was lost, this guide could be useful to you. It explains more about claiming for incidents that involve data loss.
Claiming Mortgage Company Data Breach Compensation For Distress – This guide explains all about the psychological effects of a data breach, and how you can obtain compensation.
Workplace Data Breach Compensation Claims– One organisation that stores and processes your data is your employer. But what happens if they breach your personal data? Find out whether you could claim compensation if such a breach affects you.
ICO Guide For Data Protection – This guide is aimed at organisations that process data. It explains more about data protection law and how companies can ensure their compliance.
Government Guide To Data Protection – This government guide explains the Data Protection Act. It explains what rights you have when it comes to your personal data. You can also use this guide to help you make a subject access request to find out what data a company has on you.
Other Useful Compensation Guides
- Loughborough University Data Breach Compensation Claims
- Wrong Email Address Data Breach Claims
- Comparison Site Data Breach Compensation Claims
- Pharmacy Data Breach Compensation Claims
- Microsoft Data Breach Compensation Claims
- Post Office Data Breach Compensation Claims
- Stalker Data Breach Compensation Claims
- Oxford Brookes University Data Breach Compensation Claims
- GP Data Breach Compensation Claims
- Optician Data Breach Compensation Claims
- Loan Company Data Breach Compensation Claims
Written By Jefferies
Edited By Melissa.