How To Claim If Personal Data Is Sent To The Wrong Email Address

By Lewis Houston. Last Updated 2nd November 2023. Having personal data sent to the wrong person can be very distressing. Has sensitive or personal information about you been forwarded to a company or public body by mistake? Have you suffered financial or emotional harm as a consequence? You could claim damages for the mental anguish or financial damages this has created and our article explains how.

At Public Interest Lawyers we can assist your search for compensation after an email or postal data breach. Read on to learn more about how a data breach specialist could evaluate your claim in minutes. Simply get in touch with our team on the contact details below.

Personal data sent to wrong person data breach

Personal data sent to wrong person data breach

Select A Section

  1. My Personal Data Was Sent To The Wrong Email Address – Can I Claim?
  2. How Could Your Personal Data Be Sent To The Wrong Email Address?
  3. What To Do If An Email Is Sent To The Wrong Person Containing Personal Data
  4. Compensation Payouts If An Email Is Sent To The Wrong Person Under GDPR
  5. Make A No Win No Fee Data Breach Claim

My Personal Data Was Sent To The Wrong Email Address – Can I Claim?

You might be unsure what constitutes a breach of personal data. Firstly, personal data is any information that can identify you, alone or with other details. A data breach is a security incident in which the availability, confidentiality, or integrity of your data is compromised. 

The personal data of UK residents is protected under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. An independent body called the Information Commissioner’s Office (ICO) is responsible for upholding this legislation. If you want to make a claim for data breach compensation, you’ll need to be able to prove that:

  • The breach was caused by wrongful conduct
  • It affected your personal data
  • You were harmed emotionally and/or financially as a result

If an email is sent to the wrong person then a UK GDPR breach may have occurred, and a data breach solicitor from our panel could help you get compensation. Get in touch for more information on how to be connected.

How Could Your Personal Data Be Sent To The Wrong Email Address?

Emails containing personal information sent to the wrong recipient can cause embarrassment and distress. Having personal data sent to the wrong person can be very distressing In severe cases, it could expose the data subject to potential fraud and criminality. Incorrect use may have been the fault of a data controller or processor:

  • Not using the Bcc Field – which is the function that conceals other email addresses from bulk or group correspondence
  • Failing – as required in the lawful bases above
  • Including unauthorised parties within the email group
  • Failing to check a third party user

Agreeing to data use is a vital part of UK GDPR, but it’s important to note that not all types of data sharing or use require specific consent from the data subject. There are also exceptions and exemptions.

If your email details were misused, wrongly applied or otherwise given for one reason only to discover it was being used for another, call our advisers to see what your next steps could be. Why not call to check if you have a valid data breach claim? Or speak with our team who can assess the validity of your claim today.

What Can Happen If Confidential Information Is Sent To The Wrong Email Address?

If the person in authorised possession of your information (the data controller) sends it to the wrong email address, this occurrence could affect you in a few different ways.

For example, you could make a data breach claim if the email contained your bank details. If your finances are affected as a result of this mistake, then you could be owed compensation.

To illustrate another scenario where an email is sent to the wrong person, the message could contain sensitive information pertaining to a health condition or something equally personal. This could cause psychological harm, such as anxiety or stress.

If you have suffered financial or psychological harm as a result of incorrect email use, you could be owed data breach compensation. To find out today if you’re eligible to receive a settlement, get in touch with our advisors.

What To Do If An Email Is Sent To The Wrong Person Containing Personal Data

If an email has been sent to the wrong person, then under the UK GDPR, this may be considered a data breach. If you become aware that your confidential information has been sent to the wrong email address, then there are several steps you may be able to take.

The first step you can take is to raise your concerns with the organisation that has breached your data. The ICO offers a template letter to help you do this. If you receive no meaningful response no later than 3 months after the last contact with the organisation in question, you can complain to the ICO directly. They may then choose to investigate the data breach.

Additionally, you could collect evidence to prove the harm that you have suffered due to the personal data breach. For example, a copy of your medical records stating any psychological injuries you have been diagnosed with could help with proving the mental harm you experienced. A copy of your bank and credit card statements could help with proving the financial losses the data breach has caused you.

When making a claim against the organisation that caused an email to be sent to the wrong person, a data breach lawyer could assist you with gathering evidence and guiding you through the steps of the claiming process.

Our advisors are here to help. Get in touch with our team today to find out if you could be eligible to make a personal data breach claim.

Compensation Payouts If An Email Is Sent To The Wrong Person Under GDPR

If you have suffered psychologically or financially due to a personal data breach, you could potentially make a UK GDPR compensation claim. Following a successful claim, your settlement could be divided into material and non-material damage.

You could be compensated for material damage if you have suffered financial losses due to your personal information being breached. For example, a bank data breach could compromise your banking details and credit card information. This could result in someone stealing money from your account or making large purchases to your card. Providing evidence of these monetary losses, such as bank statements, could help you with your claim.

You may also be compensated for non-material damage if you’ve been affected psychologically by a personal data breach. For example, you may suffer from anxiety due to a data breach if your confidential information was sent to the wrong email address. Providing evidence that your mental health has suffered due to the personal data breach could help support you in your claim. For example, you could request a medical report.

Using the compensation figures in the 16th edition of the Judicial College Guidelines (JCG) we have created the following table to help you understand how much you could receive in non-material damage. Many legal professionals will use the JCG to help them value claims, as it provides compensation brackets for both physical and mental injuries.

You should only use this table as a guide.

Type of injury Severity additional notes Judicial College Guideline award bracket
Psychiatric harm Severe (a) Serious problems which affect how the claimant copes with life, work, managing relationships etc. The prognosis is also poor. £54,830 to £115,730
Psychiatric harm Moderately Severe (b) Significant issues with aspects of daily life but with a better prognosis. £19,070 to £54,830
Psychiatric harm Moderate (c) Significant improvement shave been made, despite various problems, with a good prognosis. £5,860 to £19,070
Psychiatric harm Less Severe (d) The length of disability is considered here with awards based on impact to sleep and daily activities. £1,540 to £5,860
PTSD Severe (a) Permanent issues that prevent the person from returning to life as it was lived prior to the trauma. £59,860 to £100,670
PTSD Moderately Severe (b) A better prognosis, with room for recovery with professional help, but there will still be significant persisting issues for a while. £23,150 to £59,860
PTSD Moderate (c) A significant recovery with only minor persisting symptoms. £8,180 to £23,150
PTSD Less Severe (d) A full recovery within a 24 month period with only trivial symptoms remaining. £3,950 to £8,180

Contact our advisors today for a more accurate estimation of how much you could potentially receive in compensation for a data protection breach or if you are unsure whether you could make a claim if personal data was sent to the wrong person.

Make A No Win No Fee Data Breach Claim

You might be interested in working with a solicitor for your personal data breach claim. One of the specialist data protection solicitors on our panel could represent your case, provided it’s valid and has a chance of success. Additionally, they may offer their services under a type of No Win No Fee agreement known as a Conditional Fee Agreement (CFA).

When working with a solicitor on a solicitor on this basis, they won’t ask you to pay any upfront or ongoing fees for their services. Also, if your claim fails, your solicitor won’t charge you for their services.

However, if your solicitor is successful with your claim, they will take a success fee from your compensation. The percentage they can take as a success fee is capped by the law.

You can get in touch with our advisors today for free advice about what steps you could take following a personal data breach. Our friendly team is available 24/7 to help answer your questions and offer free advice.

To speak with an advisor:

Learn More About Data Breach Compensation Claims

In conclusion, the following related guides offer more information for claims relating to personal data sent to the wrong person: