Claiming For A Stolen Or Lost Device Data Breach

In this guide, we’ll show you how we could help if you’ve been affected by a lost device data breach.

In many walks of life, we’ll provide personal information to companies so that they can provide a service to us. Since the introduction of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, those companies must take steps to keep that personal data safe.

Therefore, for any device that contains information that could identify a data subject (any individual), the company responsible should take reasonable steps to keep it protected. If they fail to do so, and you suffer financially or psychologically as a result, you could make a data breach claim for compensation.

We can support you if you’ve suffered because your personal data has been exposed because of a lost or stolen device. We will review any claim on a no-obligation basis and let you know your options for free.

If we believe your claim has good grounds, we could connect you with a data breach lawyer from our panel. Should they take your case on, you’ll be represented on a No Win No Fee basis. As a result, you will only need to pay your solicitor’s fees if they achieve compensation for you.

To see if you have a valid lost device data breach claim, why not call us today on 0800 408 7825? To learn more about claiming before calling us, please read the rest of this guide.

Stolen or lost device data breach claims

Stolen or lost device data breach claims



Select A Section

Stolen Or Lost Device Data Breaches Explained

There is no doubt that portable devices can make it easier for companies to interact with their clients or customers. They can also reduce the amount of time it takes to complete tasks. For example, a social worker could upload information about a patient during a consultation instead of having to travel back to their office. This could result in much faster care provision.

However, where personal data is stored on portable devices, there is a certain level of risk involved. Therefore, data controllers (the organisation that decides how and why they’ll use your data) and data processors (organisations that process data on their behalf), must try to ensure the safety of those devices. That’s because if a device is stolen or lost, a data breach could occur.

Where this happens, the organisation might have to explain themselves to the Information Commissioner’s Office (ICO) who may conduct an investigation. What they can’t do, though, is award compensation to anybody who has been affected by the data breach.

Eligibility To Claim Following A Lost Device Data Breach

If you can answer ‘yes’ to the following questions, you could be entitled to claim for a lost device data breach:

  1. Did the organisation lose a device containing information about you?
  2. Did the incident cause you to lose money or suffer mental harm?
  3. And did the organisation do something, or fail to do something, that led to the device being lost?

If you do wish to claim, we’d advise using our live chat service to check how long you have to claim. That’s because, as with claims for workplace accidents, whiplash claims or slips and falls, data breach claims are time-limited. In some cases, you might have as long as 6 years to claim. However, some claims are limited to just 1 year, so it’s worth checking before you begin.

How many data breaches are caused by lost or stolen mobile devices?

The graph below shows data breaches relating to lost or stolen devices that were reported to the ICO for the period 1st July 2021 to 30th September 2021.

Lost Device Data Breach Statistics Graph

In total, 45 incidents were recorded. The highest number of incidents was seen in the health and education sectors.

The Types Of Devices That Could Be Stolen Or Lost

The types of devices that might be lost or stolen include:

  • Computers and laptops
  • Tablet devices
  • Mobile phones
  • USB sticks
  • Memory cards
  • Other data storage devices

Importantly, to be eligible to claim, the organisation must have committed positive wrongful conduct. For example, if they failed to train employees in data security properly and therefore one of them left a laptop containing personal information on a train, you might be able to claim if this led to a data breach.

However, a claim might not be possible if criminals broke into a secure location and stole devices. That said, if the devices were not encrypted and that made access to your data easier, you could be eligible to start a claim.

As you can see, it’s not always easy to determine if you have a valid lost device data breach claim. Therefore, why not call our advisors for a free case review?

What Are The Legal Consequences Of A Lost Device Data Breach?

As we’ve explained, you could be compensated if a lost device data breach results in mental harm or financial loss. But what are the legal ramifications for the organisation responsible for the breach?

Well, the UK GDPR’s rules mean that they must let the ICO know about the breach within 72 hours of its discovery if it risks the rights and freedoms of those it affects. If the ICO decides to, it can investigate what happened and review the organisation’s security protocols. If they believe there has been a breach of data protection laws, they could:

  • Issue an enforcement notice to change the way the company works.
  • Fine the organisation. This could be anything up to £17.5 million or 4% of the organisations global turnover (whichever is higher).

What Damages Are You Owed?

The UK GDPR allows you to claim for two different elements if you’ve been affected by a lost device data breach:

  • Material damage: money you’ve lost as a result of the incident.
  • Non-material damage: for any psychological suffering caused. This may include anxiety, distress, depression or Post-Traumatic Stress Disorder (PTSD) for example.

If your claim is taken on by a solicitor from our panel, they’ll work with you to find out exactly how you’ve suffered.

Calculate Your Lost Device Data Breach Damages Payout

The Court of Appeal made an important decision during the case of Vidal-Hall and others v Google Inc [2015]. It held that compensation can be considered for any mental harm caused by a data breach even if you’ve not lost any money because of it. (This wasn’t the case prior to the hearing).

In the case Gulati & Others v MGN Limited [2015], there was a ruling that settlement figures for psychological damage in data breach claims should be based on personal injury claim amounts. As a result, we’ve used compensation ranges from the Judicial College in our table below:

Type of Claim Severity Compensation Range Further Comments
PTSD Severe (a) £56,180 to £94,470 There will be no chance of the claimant returning to pre-trauma levels of functioning (or work) because permanent PTSD symptoms will affect all aspects of life.
Moderately Severe (b) £21,730 to £56,180 While there will be significant symptoms, there will be a good chance of some recovery with professional help.
Moderate (c) £7,680 to £21,730 While some less serious symptoms will persist, the claimant will mostly have recovered.
Psychiatric Damage – General The following factors are used to determine psychiatric damage compensation: Whether the claimant can cope with life and work; Any relationship problems; If treatment will help; Future vulnerability; Prognosis.
Severe (a) £51,460 to £108,620 All factors will cause significant problems and there will be a very poor prognosis.
Moderately Severe (b) £17,900 to £51,460 A more optimistic prognosis but significant problems with all factors initially.
Moderate (c) £5,500 to £17,900 The claimant will have suffered with most factors but they will have a good prognosis with a good level of recovery likely.

To help prove your level of psychological injury, a medical assessment will be needed. This will usually be conducted locally by an independent medical expert. The purpose of the assessment is to:

  1. Prove that your injuries were caused or exacerbated by the accident.
  2. Assess the severity of your injuries.

Your solicitor could use the resultant report to value your injuries.

If you can’t see your injuries in the compensation table above, why not get in touch for a free estimate?

No Win No Fee Lost Device Data Breach Solicitors

Nobody wants to risk paying for a solicitor in a case that is unsuccessful. Therefore, our panel of solicitors provide a No Win No Fee service if your claim is accepted. This allows people who may be wary of risking funds on a solicitor’s services to take on specialist legal representation.

If your case is accepted, your solicitor will send a contract called a Conditional Fee Agreement (CFA). It’s also known as a No Win No Fee agreement. This will explain that you’ll pay a success fee if your claim is won. This is listed as a fixed percentage of the compensation. What’s more, it’s capped by law.

Importantly, you don’t need to pay the success fee if your claim fails.

To check if your claim could be handled on a No Win No Fee basis, please call today.

Contacting Us

We have almost finished this guide on claiming for the harm caused by a lost or stolen mobile device. If you would like to begin a claim and would like us to help, you can:

  • Call our advisors on 0800 408 7825 to discuss your case.
  • Ask an online advisor to review your options.
  • Use our contact form to arrange a callback.

Please remember that you’ll get free legal advice whether you decide to make a claim or not.

Useful Data Breach Articles

You have reached the final section of this guide on lost or stolen device data breach claims. Therefore, we’ve linked to some additional guides for your information:

IT Security Tips – Information on how to protect IT equipment.

Mental Health Support – Details from the NHS on where to get support for conditions like anxiety.

ICO Action – Information on what action the ICO has taken recently.

Loss Of Earnings – Explains when you could claim for lost income during a claim.

Check Out More Of Our Data Breach Claim Guides

We also have some other guides you may find useful:

Thank you for reading this article about lost device data breach claims.

Article by RA

Publisher UI