Three Wales Data Breach Compensation Claims Experts

100% No Win, No Fee Claims
Nothing to pay if you lose.

  • Free legal advice from a friendly solicitor.
  • Specialist solicitors with up to 30 years experience
  • Find out if you can claim compensation Call 0800 073 8804

Start My Claim Online

Three Data Breach Compensation Claims Guide – How Much Compensation Can I Claim? – Amounts For Three Data Breach

If you have evidence that shows you are the victim of a Three data breach, you could seek compensation if you suffer financial damage or harm to your mental health. Legal Expert can help you if so.

Three data breach claims guideBusinesses, organisations, and other entities that collect personal data must abide by the EU’s General Data Protection Regulation (GDPR). How UK organisations handle, your personal information is governed by The Data Protection Act 2018. Therefore, as a data subject, you have more control of how your information is gathered, processed and stored by organisations, companies and other businesses.

If unauthorised persons gain access to your personal information in a Three data breach, you could have ground to sue if you can show it was the organisation’s fault and you suffered financial or mental damage.

If, after assessing your case, we find you have solid grounds to pursue data breach compensation, we can connect you with one of our specialist No Win No Fee solicitors.

Our guide provides essential information on when a claim against Three could be valid. We offer an idea of how much compensation could be awarded in a successful claim. We also cover how a specialist data breach solicitor can be of assistance.

To find out more on how to go about making a data breach claim against Three, please continue reading our guide. The sections below cover many aspects of a Three data breach claim with strong evidence against a telecommunication provider.

Alternatively, an adviser can answer any questions or queries you may have about how to claim on 0800 0703 8804.

Select A Section

A Guide To Claims If Affected By The Three Data Breach

Anyone who logs onto a website will be asked to review how their personal information is used, a legal requirement under the GDPR and the Data Protection Act 2018. Many people click on the ‘agree’ tab rather than look at how a site plans to use, process, and store their personal information.

However, it is always a good idea to check whether your personal data is being correctly and legally used. If you suspect it is not, you should contact your provider to inform them of your concerns.

The principles of data protection

  • Lawfulness, fairness and transparency
  • Purpose specific
  • Minimum data collection
  • Accurate (up to date)
  • Storage limitation
  • Integrity and confidentiality
  • Accountability
  • International Transfers

Above, you can see the various principles of data protection. These are enshrined in the GDPR and promote good practices that all organisations must follow regarding data handling.

This guide provides information on how to seek data breach compensation if an organisation doesn’t follow these principles. It also explains what losses and expenses you could include in a successful claim against the telecommunication provider such as Three.

As with most personal injury claims, there is a time limit to making a data breach claim for compensation. The time limit is 6 years from the date you obtained knowledge of the breach. That said, if the breach involves human rights, the time limit is set at 1 year from the date you were told of the breach.

Data breach claims are complex because a lot of evidence needs to be gathered to support a case. As such, here at Legal Expert, we always advise any victim of a data breach to begin a claim as soon as they can. Your claim could be time-barred if you wait too long to file it.

To speak to one of our advisers to work with one of our specialist data breach lawyers, please get in touch today. A member of our team can provide legal advice if you need to file any Three data breach claims.

What Is A Data Protection Breach Claim Against Three?

A data breach may be accidental, intentional, malicious, or due to negligence. Data security breaches can result in identity theft and loss. Additionally, unlawful or unauthorised disclosure or transmission of personal information could occur due to a breach in cybersecurity. The same applies if the information is altered or disclosed in a breach.

As a telecommunications provider, Three must abide by the law related to collecting, processing, and storage of personal information. The provider acts as a data controller and must ensure any personal information is secure.

To achieve this, Three must set the necessary cybersecurity measures to protect all personal data they collect, process, and store. They must also ensure all physical data they collect and store is kept secure to prevent unauthorised persons from accessing it.

If you have evidence that shows you are the victim of a Three data breach, please speak to a member of our team today. Your case will be assessed, and if we find you have strong grounds to seek compensation, a No Win No Fee solicitor could take on your claim.

GDPR Compliance For Telecommunications Providers

Telecommunication providers, just like other businesses that collect, process, and store personal information, must abide by the General Data Protection Regulation (GDPR) and the Data Protection Act 2018. For a provider like Three, the challenges are intense due to the many people/organisations the company is connected to. This includes customers, suppliers, employees, and sub-contractors.

That said, telecommunication providers face more challenges regarding data protection, with GDPR compliance being just one of many aspects of the legislation. This includes how a provider handles or is ‘required’ to handle your personal data.

Not only does personal data protection under the General Data Protection Regulation encompass identifiers like name, contact information and date of birth, it also includes the following where telecommunication providers are concerned:

  • Activities
  • Behaviours
  • Interests

All of the above are connected to an ‘identifiable’ person/data subject. If Three suffers a security breach and your personal information is accessed, you could seek compensation if you can show it was their fault and you suffered mental or financial damage as a result.

A failure to adequately protect personal information from a breach could lead to Three receiving hefty data breach penalties. The ICO has the power to fine data controllers if they are found negligent. It could also mean you are eligible to file for compensation.

To discuss your claim with one of our advisers, please get in touch today to receive free legal advice.

What Happened In The Three Mobile Data Breach?

Three UK suffered a data breach in October 2019 when individuals who logged into their accounts could see the personal information of other people, including phone records.

Three customers voiced their concerns on the social media platform Twitter, alerting journalists at the Register who specialise in data security. Only then was the breach reported.

Not much is known regarding the number of people who were impacted by the Three Mobile data breach. Three has over 10 million customers, but it’s suspected only a few were impacted.

This came on the wings of a significant data breach in 2017 related to customers using the My3 app. Some customers could download the billing information of others.

It is noteworthy that Three UK must abide by Regulation 5a of the Privacy and Electronic Communications (Amendment) Regulations 2018. This provides a full explanation of how many people are affected by a breach in cybersecurity. It is a legal obligation, and it is one that all organisations must abide by.

The company concerned must also explain how they are dealing with the matter. Any customer affected by the breach must be informed ‘without undue delay,’ which Three was slow in doing.

If you were the victim of a Three data breach, please get in touch with Legal Expert to receive free legal advice. 


How Do I Report A Company To The Information Commissioner?

When your personal information is accessed, you may be able to seek compensation if you go on to suffer damage to your finances or mental health, and you can prove it was the fault of the organisation.

This type of claim can be complex, so it is always worth seeking legal advice before you do anything. That said when your personal information is breached, or you suspect as much, you should:

  • Get in touch with Three straight away and tell them about your concerns and how you are being affected.
  • If you do not receive a timely reply (within 3 months), or the response is not to your liking, you should seek legal advice straight away and report the matter to the ICO.

It is worth noting that you do not have to complain with the ICO to claim compensation, but the findings of their investigation could prove useful to your claim.

Please get in touch today to receive free legal advice and find out whether a specialist data breach solicitor will take on your claim on a No Win No Fee basis.

How Does Compensation For Data Breach Distress Work?

The EU’s General Data Protection Regulation (GDPR) gives you the right to claim compensation if your personal data ends with unlawful access in any breach. You can also seek compensation for material (financial) and non-material damage (psychological) when you make a data breach claim.

A breach could lead to identity theft and financial losses. It may even turn into a permanent problem you have to deal with. This, in turn, may cause stress, anxiety and depression. The severity of the breach and its impact on you as a whole would factor into any GDPR data breach compensation payout you receive.

Potential Compensation Payouts For A Three Data Breach

Are you wondering who can claim Three compensation should a personal data breach occur? Data controllers, organisations that say why and how your personal data will be processed, have to by law protect your personal data accordingly. If a personal data breach were to occur, compensation could be owed to you if you have evidence that an organisation’s wrongful conduct caused you some form of financial or psychological harm due to the breach.  In data breach claims, these are known as material and non-material damages, respectively.

It is important to note that, as the result of a ruling in the case of Google Vs. Vidal-Hall [2015], you can now claim for the damage to your mental health without having suffered any financial loss first. As mentioned above, the sum awarded in line with the impact on your mental health is known as non-material damages.

This figure is calculated in a similar way as in personal injury law. This is due to the ruling in the Gulati & Others Vs. MSN [2015] case. This means that a publication called the Judicial College Guidelines (JCG) can now be used by legal professionals when they are valuing your non-material damages payment.

We’ve included some examples from the 2022 edition (the latest version) of the JCG in the table below. This way, if your Three data were ever potentially harmfully exposed due to the organisation’s wrongful conduct, you could gain a better understanding of how much this portion of your settlement may be worth.

Type of Harm/Injury Severity Level General Damages Awarded taken from the Judicial College Guidelines
Psychological harm caused by the effect of a data breach Severe – the impact on a person leaves them with serious long term issues £54,830 to £115,730
PTSD – Post-traumatic stress disorder caused by the effect of a data breach Severe – the impact on a person leaves them with serious long term issues £59,860 to £100,670
PTSD – Post-traumatic stress disorder caused by the effect of a data breach Moderately serious £23,150 to £59,860
Psychological harm caused by the effect of a data breach Moderately serious £19,070 to £54,830
PTSD – Post-traumatic stress disorder caused by the effect of a data breach Moderate the impact has lasting effects £8,180 to £23,150
Psychological harm caused by the effect of a data breach Moderate where the prognosis is that an injured party may suffer longer term anxiety and depression £5,860 to £19,070
PTSD – Post-traumatic stress disorder caused by the effect of a data breach Less serious Up to £8,180
Psychological harm caused by the effect of a data breach Less serious where the prognosis is relatively positive Up to £5,860

Remember, the figures are only guidelines. The amounts shown do not serve as a guarantee regarding what you’ll receive.

How Do I Take Action Against A Company Who Breached My Data Privacy?

You must inform your mobile phone provider right away if you suspect your personal information is being unlawfully accessed. So, if you do not receive a ‘meaningful’ response from the provider within 3 months following your complaint, you should seek legal advice. You could also make a formal complaint to the ICO, though this isn’t a requirement.

If a claim is something you wanted to pursue, this is where Legal Expert can help you. So, if you’ve got evidence that you were impacted by a data breach and suffered damage to your finances or mental health, you have the right to explore whether a GDPR data breach compensation claim could be warranted.

One of our advisers will assess your case, and if we find you have grounds to seek compensation, one of our specialist data breach solicitors will offer you No Win No Fee terms. So, for free legal advice, please contact a member of the Legal Expert team today on the number at the top of the page.

How Our Data Protection Breach Solicitors Could Help You

There are many benefits to having a specialist data breach lawyer represent you when seeking compensation following a security incident. So, these include:

  • Having the assurance that an expert is representing you
  • Getting assistance when gathering evidence and proof to support your claim
  • The solicitor will work hard to get you a fair and acceptable level of GDPR data breach compensation
  • It can make a real difference in the outcome of your claim and the amount you receive

Legal Expert is proud of the work they do in representing people in all types of claims. We have years of experience when it comes to handling successful claims involving data breaches. Furthermore, our specialist data breach lawyers provide No Win No Fee terms on valid claims, and our expert advisers will provide answers to questions you have straight away.

To discuss a claim, please call a team member today on the telephone number at the top of the page.

No Win No Fee Claims For A Three Data Breach

If your claim is valid, you could file for compensation and pursue a claim under No Win No Fee terms. So, one of our solicitors could agree to represent you this way under a contract called a Conditional Fee Agreement, which means:

  • There aren’t any fees to pay upfront
  • No fees to pay while the claim progresses
  • If the claim is unsuccessful, you won’t have any fees to pay

If the claim is a success, your solicitor will deduct a small percentage to cover their costs. So, this is known as a success fee, and the deductible sum is capped by law.

Data Breach Statistics

The Government has a cyber security breaches survey covering 2020 and 2021, so a 12-month span. And during that period, it estimates that almost one in four companies would suffer a data breach. Though it doesn’t identify the breakdown of the sectors, it does note that 26% of charities are amongst the victims. And it also explains that when it comes to medium-level organisations, around 65% of those companies suffer. That is a significant percentage of data breaches, and this is only for one year. Therefore, it’s possible that many other companies not amongst those groups would previously suffer data breaches.

We have to mention, though, that not all of these data breaches end up reporting to the ICO. Indeed, the ICO only receives reports from the most serious data breaches, which could have a widespread impact. However, the ICO does list all of the companies, in date order, that report its data breaches to the body. And it’s insightful because it shows just how common data breaches are. Furthermore, it underlines that it could easily be you suffering from the consequences of a data breach. So, if you do find yourself in this position and wish to file a claim, please contact us today.

Start A Data Protection Breach Claim

If you suspect you are the victim of a data breach, Legal Expert can be of assistance. So, we offer all victims an initial consultation which is free of charge. And you are under no obligation to pursue a claim if you choose not to.

A member of our team will answer any questions you have regarding your claim. When you are ready, we will connect you with a specialist data breach solicitor.

To speak to one of our friendly advisors about a data breach claim against Three, you can do so in the following ways:

Additional Data Breach Resources

What if you require further information about a Three data breach claim where you can back up your case? Well, you may find these other resources useful to provide additional research:

A guide to claiming compensation for lost personal information due to a breach in an organisation’s cybersecurity:

Personal data lost

Our guide to stress-related data breach claims provides essential information on how to seek compensation:

Stress-related Data Breach Compensation Claims

Your employer must protect your personal data, and our guide below provides more information about this:

An employer’s duty to protect your personal data

The link below takes you to the ICO website, where you will find more information regarding data protection:

ICO Guidance relating to Data Protection

The law relating to data protection is on the link below:

The UK Government’s Guide to Data Protection

Other Useful Compensation Guides

Consumer Data Breach Statistics

A cybersecurity survey during 2020 reveals that cyber-attacks rise over time and that cybercriminals find more ways to infiltrate security systems. The survey reveals the following:

  • 46% of organisations in the UK reporting a cyber attack or a breach in their cybersecurity during the year ending 2020
  • 26% of UK charities falling victim to a cyber-attack or breach during 2020
  • Larger organisations reporting the most breaches (75%) as opposed to medium-sized organisations, with 68% reporting a breach in their security systems

Mobile Network Data Breach FAQs

People ask if Three suffers a hack by cybercriminals and want to know how it affects the victims. So, below you will find three of the most frequently asked questions regarding data breaches.

What are the three types of breaches?

There are three types of breaches which are:

  • Physical
  • Electronic
  • Skimming

Has Three Been Hacked?

Three has suffered several data breaches in the last few years. And the most notable ones would take place in 2017 and 2019.

What qualifies as a data breach?

This is any moment where somebody gains access to your private information without your knowledge or approval.

What is a network data breach?

This is a cyber attack whereby the phone network suffers the hack, causing the stealing of customer information.

How serious is a data breach?

A data breach is extremely serious, as it could affect millions of people. And in the worst-case scenario, it could lead to the customers suffering financial losses due to the hacker’s behaviour.

What is a breach of privacy?

This is where the victim sees their private information fall into someone else’s heads without authorisation.

What are the 4 types of invasion of privacy?

These are intruding on someone’s seclusion, publicly embarrassing a person, spreading false information about the victim and misappropriation.

How do you prove an invasion of privacy?

This requires public disclosure of private facts potentially offending the general public despite no public interest. Furthermore, it would not necessarily be true, but it would intend to cause damage to the victim.

Thanks for reading our guide on your legal rights following a Three data breach.

Guide by Wood

Edited by Billing

    Contact Us

    Fill in your details below for a free callback

    Meet The Team

    • Patrick Mallon

      Patrick is a Grade A solicitor having qualified in 2005. He's an an expert in accident at work and public liability claims and is currently our head of the EL/PL department. Get in touch today for free to see how we can help you.

      View all posts