University Of Cambridge Data Breach Compensation Claims Experts

100% No Win, No Fee Claims
Nothing to pay if you lose.

Free legal advice from a friendly solicitor.
Specialist solicitors with up to 30 years experience
Find out if you can claim compensation Call 0800 073 8804

University Of Cambridge Data Breach Compensation Claims Guide

Welcome to our guide to making a claim following a University of Cambridge data breach.

Are you a staff member, student, alumnus or supporter of the University of Cambridge? Has your private data been breached? If you can prove that the university’s failings were responsible for your breach, then you may be eligible to bring legal proceedings in relation to the mental or financial damage that you’ve incurred.

University Of Cambridge data breach claims guide

This article will help guide you towards securing the compensation that you deserve for your suffering by making a University of Cambridge data breach claim. Here, we’ll cover everything including what your rights are as a data subject, how you could hold the university liable and even the potential data breach compensation award you may receive.

By getting in touch with one of our specialist advisors at Legal Expert, you could receive free legal advice on your data breach and access all of this information and more. If you have grounds to make a claim, they could connect you with one of our solicitors to handle your case for you on a No Win No Fee basis, eliminating the sense of financial risk that many claimants feel.

So, whether you’d like more information on anything included in this guide or you’re interested in receiving a free consultation to get a better understanding of your situation, reach out to us today:

Call us on 0800 073 8804
Fill out our contact form
Email us with details of your case at info@legalexpert.co.uk
Chat to us using the pop-up on the bottom of your screen

Limitation Periods on Data Breach Claims

Please be aware that you have a time limit of 6 years to make a claim. What’s more, the time limit on your claim is reduced to just 1 year if your case involves a human rights breach.

If you wait too long before taking legal action, you could risk losing the compensation that you deserve. Please speak to one of our advisors today to get free legal advice on your situation and see whether you could be eligible for a payout.

Choose A Section

A Guide To Claims For Data Breaches By Cambridge University
What Is A Data Breach By Cambridge University?
GDPR FAQs For Universities
How Many Higher Education Institutions Have Breached Data Privacy Rules?
How Cambridge University Has Been Affected By A Breach Of Data Protection
Criminal Attacks And Thefts Of Physical Or Digital Data
How Could I Be Compensated For A Breach Of My Data Privacy?
Calculating Data Breach Claims Against Cambridge University
What Should I Do If My Data Privacy Has Been Breached?
No Win No Fee Data Breach Claims Against The University Of Cambridge
Discuss Your Case
Extra Resources

A Guide To Claims For Data Breaches By Cambridge University

Over the course of this article, we’ll address some questions that you may have regarding how to make a University of Cambridge data breach claim, including:

How are data and data breaches defined?
What are university data breaches caused by?
What are some cases of past university data breaches?
What data protection legislation must universities follow?

Furthermore, we’ll give you our team’s top tips on how you could boost the chances of your claim’s success, such as:

Reaching out to the university to voice your concerns
Making a complaint with the Information Commissioner’s Office (ICO) for liability to be investigated
Using a No Win No Fee solicitor to handle your case

However, as mentioned earlier, by getting in touch with our team, you could receive free legal advice on your data breach and access all of this information and more. If you have grounds to make a claim, they could connect you with one of our solicitors to handle your case on a No Win No Fee basis.

So, whether you’d like more information on anything included in this guide or you’re interested in receiving a free consultation, reach out to us today.

What Is A Data Breach By Cambridge University?

In this section, we’ll discuss the definitions of data and data breach to give you an insight into the technicalities of your situation.

Generally, the term data can be used to describe any piece of your private data that could be used to identify you. This could include but is not limited to; your name, date of birth, gender, contact details and student number.

Organisations like the University of Cambridge are required to obtain your consent before they interact with any of this personal information, meaning you can allow or deny their purposes for collecting your data.

However, in the unfortunate event that any of your data is compromised, meaning it’s interacted with in a way that you did not consent to, then this type of security incident is defined as a data breach.

There are many factors that could contribute to a data breach occurring, ranging from poorly trained staff to weak security systems. Some common instances of data breaches include:

Cyberattacks, such as a ransomware hack
Unauthorised access, alteration, disclosure or destruction of physical data
Human error

Recently, you may have heard that the financial and administrative providers, Blackbaud, suffered a ransomware attack that subsequently impacted 8 universities in the UK, including the University of Cambridge.

Although Blackbaud paid the hackers’ ransom to release the data that they’d stolen, personal information of staff, students, alumni and supporters of the affected universities was still compromised, including:

Personal details, such as names and dates of birth
Contact details, such as telephone numbers and email addresses
Professional details, such as employment information and job titles

To add insult to injury, Blackbaud reportedly took weeks to notify those whose data had been impacted as part of the breach, despite Article 33 of the Data Protection Act 2018 requiring organisations to inform affected subjects within 72 hours of the breach.

Please see the next section of our guide to learn more about data protection laws in the UK and how the University of Cambridge could be liable for your breach if they failed to comply with relevant legislation. Alternatively, contact our team today for free legal advice on your situation.

Source: https://www.trin.cam.ac.uk/alumni/information/blackbaud-data-breach/

GDPR FAQs For Universities

In this section, we’ll outline some key points from relevant data protection laws that you ought to be familiar with—the Data Protection Act 2018 (DPA) and the General Data Protection Regulation (GDPR).

The DPA is the UK’s primary piece of data protection legislation that outlines how organisations, like the University of Cambridge, are and are not permitted to interact with subjects’ data. It was introduced in attempts to give subjects a better sense of control over how their personal information is collected, protected and used.

The DPA enacted into UK law the EU’s GDPR, which provides a framework for standards of data handling practices. Some key regulations include:

Organisations are not permitted to interact with subjects’ data unless their consent is actively given
Organisations are not permitted to retain subject’ data for longer than is absolutely necessary
Organisations are not permitted to interact with subjects’ data unless they have a reliable system of data security in place to protect it

If you’ve suffered a University of Cambridge data breach and can prove the institution to be in breach of data protection laws, then you could be able to hold them liable as part of your claim.

To get free legal advice, chat with one of our friendly advisors today for free legal help on your situation. Alternatively, please continue reading to see how universities could be in breach of data privacy rules.

How Many Higher Education Institutions Have Breached Data Privacy Rules?

Have you suffered a data breach that you believe a university to be responsible for? If so, recent statistics suggest that you’re not alone, with more than 54% of UK universities reportedly experiencing data breaches between 2019 and 2020.

According to a recent survey, 86 universities admitted to suffering failures in their data protection practices, which was attributed to the following:

Lack of cybersecurity awareness training
- 46% of universities failed to provide staff with sufficient training
- 51% of university students were provided with insufficient training
Lack of ‘penetration tests’ (cybersecurity experts undertaking controlled hacks on security systems to source weaknesses in the network)
- 27% of universities conducted no penetration tests at all

The fact that universities hold a range of confidential and often sensitive information means that they have a heightened responsibility to ensure that it is protected. However, as the findings of this survey show, a large proportion of UK universities are failing to meet the required standards of data security as established in data protection legislation, which may explain the number of breaches in recent times.

If you can prove that the University of Cambridge data breach that you suffered was caused by the institution’s own failings, then you could be able to make a claim against them. To see some examples of past data breaches suffered by the university or to learn more, please read on or speak to our team today.

Source: www.itgovernance.co.uk/blog/54-of-universities-reported-a-data-breach-in-the-past-year

How Cambridge University Has Been Affected By A Breach Of Data Protection

In this section, we’ll present you with a case study of a University of Cambridge data breach that impacted more than 300 medical students. The sensitive nature of some of the information leaked was particularly distressing for victims, as it included details about their extenuating circumstances, mental health problems and disabilities.

In June 2017, Cambridge University suffered a data breach when personal information of over 300 medical students was mistakenly leaked to the entire class. When a spreadsheet containing the students’ details was accidentally attached to a welcome email by administrative staff, it was then sent to all medics embarking upon their fourth year at the Clinical School.

Though a follow-up email was sent 18 minutes later asking students to disregard the accidental attachment, there was no way of ensuring that students data included in the spreadsheet was not compromised, such as:

Names
Dates of birth
Student numbers
Genders
College

In addition to these identifiable details, sensitive and confidential information regarding students’ personal issues were also exposed without consent, such as:

Reasons for deferral or withdrawal from the course
Extenuating circumstances for extension
Details about mental health, disabilities and whether they were fit to become doctors

The data breach was reported to the Information Commissioner’s Office (ICO) by the Clinical School responsible. The University of Cambridge also made a statement assuring students that they had implemented new measures to try and prevent any future data breaches of this nature from occurring.

Source: https://www.varsity.co.uk/news/19486

Criminal Attacks And Thefts Of Physical Or Digital Data

As mentioned earlier in this article, the fact that universities hold a range of confidential and often sensitive information means that they are a target of cyberattacks. From research materials to personal details, this information is often a lucrative find for criminals wishing to use it for financial gain, whether it’s sold on the dark web or used as part of an identity fraud crime.

With the demand to find a coronavirus vaccine dominating the world’s research efforts in 2020, universities reported spikes in attempted cyberattacks on their security systems. With biomedical research departments specifically impacted, it’s believed that these hacks were made by countries including China and Russia, to obtain research materials for the vaccine.

However, the universities affected reported that these attempts were all unsuccessful.

Source: https://www.theguardian.com/world/2020/may/03/hostile-states-trying-to-steal-coronavirus-research-says-uk-agency

Another case of a criminal cyber attack involves digital solutions company, Jisc, that conducted a series of penetration tests on UK universities to assess their cybersecurity capabilities.

As mentioned earlier, penetration tests is the term used to describe a method for sourcing security weaknesses by having cybersecurity experts undertake controlled hacks.

As part of their findings, Jisc reported that they were able to infiltrate databases containing personal information of students and staff through phishing emails. This method involves hackers sending recipients scam messages, typically posing as a legitimate contact, to encourage them to download an attachment that actually contains malware.

Overall, Jisc successfully infiltrated cybersecurity systems of over 50 universities in the UK in a period of under 2 hours. These results reinforce the vulnerabilities within the higher education sector’s ability to protect the data of its subjects.

Whatever the circumstances of your University of Cambridge data breach, if you can prove they were at fault, please see the next section of this guide to learn how you could be compensated for the damage that it’s caused you or speak to one of our specialist advisors today.

Source: www.itgovernance.co.uk/blog/54-of-universities-reported-a-data-breach-in-the-past-year

How Could I Be Compensated For A Breach Of My Data Privacy?

If you’ve been affected by a University of Cambridge data breach and wish to make a claim against the institution responsible for it, there are typically two types of compensation that you could claim for.

Material damage could be claimed if you wish to recover financial losses that your data breach has caused you to experience
Non-material damage could be claimed if you wish to be compensated for mental distress that your data breach has caused you to experience

Please see the next section of this article to gain an insight into how much compensation you could be entitled to. Alternatively, contact one of our specialist advisors for free legal advice on your situation and get an estimate of your payout today.

Calculating Data Breach Claims Against Cambridge University

After suffering a University of Cambridge data breach, you may be wondering how much compensation you could be entitled to for the damage that you’ve incurred. At this point in our guide, we’ll explain how data breach claims are valued and provide you with some estimated figures taken from the Judicial College Guidelines.

Once the claimants of the Vidal-Hall and others v Google Inc case were awarded compensation for non-material damage alone in 2015, the nature of data breach claims was changed for the better.

Whereas financial damage was previously required in order for compensation to be given in data breach cases, this now meant that material damage was not necessary in order for a payout to be awarded.

As a result, compensation for non-material damage is now valued as personal injury claims are, using the severity of the claimant’s suffering and compensation brackets from the Judicial College Guidelines as a framework. For some examples of estimated settlement figures, please see the table below:

Edit
Type of Injury	Severity Level	Compensation	Additional Details
Psychiatric Damage	Severe	£51,460 to £108,620	In this category, the victim will be vulnerable in the future. There will be a very poor prognosis.
Psychiatric Damage	Moderately Severe	£17,900 to £51,460	Significant problems will exist but a more optimistic prognosis will be offered.
Psychiatric Damage	Less Severe	Up to £5,500	The amount awarded in this category will assess how long daily activities were affected and how long the injury lasted.
Post-Traumatic Stress Disorder (PTSD)	Moderately Severe	£21,730 to £56,180	In this category, PTSD will cause significant problems for the foreseeable future but there will be hope of some recover with professional support.
Post-Traumatic Stress Disorder (PTSD)	Less Severe	Up to £7,680	This category covers cases where all major symptoms of PTSD have been resolved with one or two years.

What Should I Do If My Data Privacy Has Been Breached?

If you’re wondering how you could evidence your University of Cambridge data breach claim, one step you could take is contacting the university to raise your concerns about the damage that they’ve caused. Any response that they offer you could be used against them, providing that they include some sort of admission of wrongdoing that led to your breach.

Alternatively, you could report the data breach to the Information Commissioner’s Office (ICO). If you do so within 3 days of the incident, the ICO could investigate the situation for you and evaluate whether the university was liable for your breach.

If the ICO establishes liability, then this could be used to evidence your claim against the university. In addition, the ICO could issue them a fine or limit their future data interactions.

No Win No Fee Data Breach Claims Against The University Of Cambridge

Our solicitors always handle claims on a No Win No Fee basis, eliminating the sense of financial risk that many claimants feel.

If you’re not familiar with these agreements, they simply mean you don’t have to pay your solicitors’ fees if they don’t win your claim for you. In addition, there are no upfront costs or hidden fees that accrue in the background.

If your solicitor is successful and wins your claim for you, then a ‘success fee’ will be allocated to them as a small percentage taken from your payout. However, as this is legally capped and outlined in your agreement, you can rest assured that you won’t be losing a significant portion of your compensation.

Discuss Your Case

By getting in touch with one of our specialist advisors at Legal Expert, you could receive a free consultation on your data breach and access all of this information and more. If you have grounds to make a claim, they could connect you with one of our solicitors to handle your case for you on a No Win No Fee basis.

Call us on 0800 073 8804
Complete a contact form
Email us at info@legalexpert.co.uk
Chat to us using the pop-up on the bottom of your screen

Extra Resources

Thank you for reading our University of Cambridge data breach guide. To bring this article to a close, we’ll leave you with some helpful resources that could be of additional help in securing you the compensation that you deserve.

Please take a look through the links below to learn more about the different steps that you could take after falling victim to a data breach.

The University of Cambridge’s Blackbaud data breach guidance – the university’s official guidance on what you could do if you think that you’ve been impacted by the Blackbaud data breach.
The University of Cambridge’s data breach guidance – the university’s official guide to what you could do if you think that you’ve suffered from a data breach.
How to claim non-material damage compensation – our guide to how much compensation you could be entitled to for mental anguish suffered as a result of your data breach.
How to claim data breach compensation – our guide to how you could secure the compensation that you deserve for suffering from your data breach.
What are my rights in the wake of a data breach? – our guide to what your rights are after suffering from your data breach.

Other Useful Compensation Guides

Thank you for reading our guide to making a claim for a University of Cambridge data breach.

Guide by Mavers

Edited by Billing

Contact Us

Fill in your details below for a free callback

Name :

Email :

Phone :

Services :

Time to call :

Please leave this field empty.

Meet The Team

Patrick Mallon

Patrick is a Grade A solicitor having qualified in 2005. He's an an expert in accident at work and public liability claims and is currently our head of the EL/PL department. Get in touch today for free to see how we can help you.

View all posts