22 October 2018
In a landmark ruling from the UK Court of Appeal, Morrisons is being held vicariously liable for the criminal actions of a former employee. This could get expensive.
Disgruntled auditor, Andrew Skelton, was jailed for eight years, way back in 2015, after stealing personal data of 100,000 staff, including bank and salary details. He then leaked the information to national newspapers and published it online.
5000 affected staff brought a group action against Morrisons, for the upset and distress that it caused.
Morrisons, who worked quickly to remediate the breach, has said it will appeal to the Supreme Court, as the only UK court to sit above the Court of Appeal.
The actions create very interesting implications of the impact that security breaches can have on companies. While many have highlighted the dramatic increase of potential fines under GDPR, these group actions could both exceed and duplicate those fines.
It suggests that data security is about to be taken a lot more seriously.
See the best data protection, privacy and security news...
|181130 Marriott data breach - 500m customers|
|181126 ICO fines Uber £385k; Dutch fine them £532k|
|181029 Portugal fines hospital £400k|
|181026 DataGRC article for CILEX (lawyer regulator) - GDPR update|
|181025 BA security breach update 185k avios reward users|
|181025 Security Breach Cathay Pacific 9.5m Passengers|
|181024 ICO DPA'98 fines Facebook £500k|
|181022 High Court holds morrisons liable for data breach.|
|181009 ICO PECR fine Boost (findmeafuneralplan.com) £90k|
|181008 ICO DPA'98 fine HAL £120k|
|181002 ICO PECR unfine STS Commercial £60k|
|181001 ICO PECR fine Oaklands Assist £60k|
|181001 FCA fine Tesco Bank £16.4m|
|180928 ICO DPA'98 fine BUPA £175k|
|180928 ICO DPA'98 fine Equifax £500k|
|180907 British Airways data breach 380,000 customers|
|181030 DataGRC GDPR article for EyeForTravel - 3 tips for managing data breaches|
|180427 DataGRC article for CILEX (lawyer regulator) - GDPR overview|
|180322 DataGRC GDPR article for EyeForTravel - 10 practical recommendations|
Add a comment or a question...
Articles made publically available on this website are general information and should never be mistaken for formal or legal advice. If you are seeking formal advice for your specific requirements, please contact our advisory team using the form above.