Human error data breaches: the Virgin Media case

Human error data breaches are incredibly common. When it comes to how we approach this factor in an action like the Virgin Media legal cases that we have launched, we look at systemic failures.

In short, people can claim compensation where the cause of a data breach is triggered by a so-called human error. There are usually organisational failures to consider, especially in this case when information was left exposed for a period of 10 months.

The law can mean that the negligence of an employee can fall on to the organisation in any event, so people can still claim.

Human error data breaches are organisational problems

We often see the phrase “human error data breaches” being used, and it can serve to shift the focus away from the organisation that has suffered the breach and move it toward a singular person’s error. Some may say that the Virgin Media cybersecurity incidents falls within the category of human error data breaches, but this is not the way that we look at things.

Ultimately, in this case, a database had been left unsecured in error. Does that mean that we take that as the cause of the breach and leave things at that?

Not in our view.

Our questions, which we may get answers for as part of the legal action that we have launched, include:

• How was this allowed to happen? What training and guidance has been provided to those involved?
• What checks, systems and failsafes were involved to prevent such errors occurring?
• How was the exposed information, or even the risk of it happening, not something that Virgin Media were able to identify before?;
• This breach was eventually discovered by a third-party security researcher who flagged the issue. By that point, an unknown third-party had already accessed the data as well. Why?

What we are getting at here is that this was a highly preventable data breach. Better systems, protocols and procedures could have prevented it. In the digital age that we live in, there should be no excuse for this kind of data leak to take place, as the focus across everyone within an organisation should include key data protection elements. When we launch an action for compensation, it is the organisation that we are usually taking to task.

Claiming compensation for a human error incident

We are often asked how people can claim compensation for human error data breaches. It is important to know that, as well as the fact that we take any organisational failure into account, the incident being blamed on a person does not stop people from being able to claim.

Organisations can be held vicariously liable for the actions and the negligence of their employees. This can mean that the negligence of an employee must fall on to the employer when it comes to meeting the claim.

This does not always apply, as intentional data breaches may not amount to vicarious liability. But an incident that stems from negligence can usually be a matter of vicarious liability that we can apply to a case, which means that victims can claim their compensation from the organisation.

Start your compensation claim today

You can start your No Win, No Fee Virgin Media data breach compensation claim quickly and easily today with us.

All you need to do is head over to the main section of the website here and complete the forms to get started today.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.