How Much Compensation For Lost Device Data Breach Claims

Across England and Wales, the Office for National Statistics reports that 196,000 people experienced phone theft during the year ending March 2023. It’s, therefore, worth knowing your rights when it comes to lost and stolen data. This guide examines lost device data breach claims.

We explain how third-parties could lose devices holding personal data, as well as how they can prevent this from happening. If your personal data was compromised in a security incident involving a lost or stolen device, you may want to know whether you are owed data breach compensation.

We will take you through your options should a device holding your personal data ever go amiss. This includes the evidence you need to make a legal claim against the party how lost it and how compensation could be awarded should you make a successful data breach claim.

Finally, we will provide an opportunity to make a claim with a No Win No Fee solicitor from our panel. You do not have to wait for this to start.

Contact our advisors today with any questions about claims for data breaches or to check your eligibility to seek compensation:

A hand using the touchpad on a silver laptop.

Choose A Section

What Is The Eligibility Criteria To Make Lost Device Data Breach Claims?

The Data Protection Act 2018 and UK General Data Protection Regulation set out how third-parties should handle personal data. Personal data is any that identifies you, such as your name or address.

These rules place an obligation on third-parties who control personal data to not destroy, lose, alter, disclose, or grant access to it, either unlawfully or accidentally. Such third-parties are called data controllers. However, a data controller may instruct a data processor to handle personal data on their behalf.

The rules also give you – the data subject – the right to have your personal data handled in a way that upholds its integrity, security, and accessibility. If a security event risks those rights, it is considered a personal data breach:

  • A data controller stores your personal data on a portable device.
  • That device is lost or stolen because of their wrongful conduct.
  • This incident causes you harm.

If all three conditions are met, compensation could be yours. Talk to our advisors today to take action. Their details are above.

What Devices Could Be Lost Or Stolen?

Any electronic device that can be moved can be lost or stolen. The list includes but is not limited to:

  • Servers.
  • Computers and laptops.
  • Tablets and mobile phones.
  • Hard drives.
  • CDs and DVDs.
  • Pen drives.
  • Memory and SD cards.

To discuss how your personal data was lost or stolen, speak to an advisor about lost device data breach claims. They can also assess your compensation eligibility and advise on what you might be able to claim.

A man in dark clothing and woman in a white coat fight over a black handbag.

How Could Human Error Lead To A Lost Device Data Breach?

A lost device data breach is usually caused by human error, and steps can be taken to minimise the damage. However, the damage grows when organisations don’t prepare.

  • On their way home, a shop manager loses a pen drive containing retail data, including the names, addresses, and contact details of all their customers. This customer data is not password protected.
  • Your manager’s laptop is stolen when they leave it unattended and unlocked in a café while they use the bathroom. It contains HR data including your trade union membership.
  • The new assistant at an accounting firm spills a drink on the owner’s phone. Irreplaceable account data is lost, having not been backed up for months.
  • Your account password has been part of a separate data breach. The bank data to which the password grants access has therefore also been breached.

Our advisors want to hear about your experiences and how they have affected you. Call them today to discuss your unique case and find out more about lost device data breach claims. Their details can be found at the start of this guide.

How Can The Loss Or Theft Of Devices Be Prevented?

Simple steps can be put in place to prevent a lost device data breach and avoid liability for data breach compensation. Data controllers and processors may wish to:

  • Only store data on portable devices if you must.
  • Protect portable devices with long, unique passwords that combine random words, numbers, and special characters.
  • Keep portable devices at secure locations. If you must move them, physically lock them in briefcases or on belt loops.
  • Use anti-theft tools that allow you to lock and locate storage devices remotely.

Any failure to take steps like this could mean you, as a data subject, are owed compensation. Get in touch with our advisors today to further discuss eligibility for lost device data breach claims. Your next steps are waiting via the details at the top of this guide.

A closed brass padlock sits on top of four debit cards and a laptop.

Do I Need To Inform The ICO Of A Lost Or Stolen Device?

The Information Commissioner’s Office (ICO) is the public body that exists to protect personal data and ensure compliance with legislation. They can enforce better data practices and issue fines, but they cannot award you compensation.

However, you may still wish to make a complaint to them. They can issue an official statement if they find fault. This is often the strongest piece of evidence in lost device data breach claims.

Please note that an organisation must notify the ICO within 72 hours of a data breach, in which case the ICO may write to you directly.

Whether or not you have already written to the ICO, our advisors can help set up your next steps on your journey to compensation. Their details can be found at the start of this guide.

What Evidence Could Be Used When Making Lost Device Data Breach Claims?

You or whoever handles your claim will have to support it with evidence.

  • Data Controller Correspondence – an organisation must tell in writing you if they put your data rights and freedoms at risk.
  • ICO Reports – their investigations are independent and any results can be used as evidence in their own right.
  • Medical Records – GP notes or a report from an accredited therapist can show that any psychiatric harm was caused by the lost device data breach.
  • Witness Contact Details – a member of our panel can take a statement from anyone who saw the damage done to you by the breach.
  • Other Relevant Documents – one of your data rights is to request any media in which your data appears.

More evidence makes for a stronger case and a higher likelihood that you will receive compensation. A member of our panel can also help collect this for you. So get in touch to know more about evidence for lost device data breach claims.

A nurse wearing teal scrubs and a stethoscope touches her phone's screen.

How Much Compensation For A Stolen Device Data Breach?

You may receive two kinds of compensation if you succeed in making a lost device data breach claim:

  • Material damage is what you have lost in money terms.
  • Non-material damage is the pain and suffering brought on by psychological harm.

Whoever handles the claim may value non-material damage using the Judicial College Guidelines (JCG). The JCG is a set of tables that detail how much injuries are worth. They are, as the name suggests, a guide and may not reflect final numbers. Some examples are below. Please note that the figure in the top row was not taken from the JCG.

Injury and SeverityCompensation GuidelineNotes
Multiple Severe Traumas plus Compensation for Material DamageUp to £250,000Likely to include loss of earnings and possible relocation costs as well as compensation for mental health harm.
Severe Psychiatric Damage with Very Poor Prognosis£66,920 to £141,240Marked problems with the person's life, education, work, and relationships. Treatment unlikely to mitigate existing symptoms or future vulnerabilities.
Moderately Severe Psychiatric Damage with Somewhat Optimistic Prognosis£23,270 to £66,920Significant problems with the person's life, education, work, or relationships.
Moderate Psychiatric Damage with Good Prognosis£7,150 to £23,270Some problems with person's life, education, work, or relationships that are likely to improve.
Less Severe Psychiatric Damage£1,880 to £7,150Recovery is likely. Value will depend on severity and duration of effects.
Severe Post Traumatic Stress Disorder (PTSD)£73,050 to £122,850Person will be unable to function at pre-trauma levels. All aspects of their life will be badly affected.
Moderately Severe PTSD£28,250 to £73,050Effects similar to Severe PTSD but with somewhat better prognosis given professional care.
Moderate PTSD£9,980 to £28,250Recovery likely with any continuing effects unlikely to cause major disability.
Less Severe PTSD£4,820 to £9,980Only minor symptoms continue after one to two years.

Material damage can be calculated without any tables. For example, you need only show:

  • Recent payslips and a doctor’s note to show loss of earnings.
  • Invoices to claim the cost of professional counselling.
  • Receipts to claim the cost of relocation.

So long as you can prove you were made to incur costs by a data breach, you can claim them back as compensation.

Contact our advisors today if you would like to discuss the damage a data breach did to you. Their details are at the start of this guide.

Can Lost Device Data Breaches Be Claimed For On A No Win No Fee Basis?

If you use our panel of solicitors after a lost device data breach, they will:

  • Investigate with diligence built over years of experience
  • Gather the strongest evidence to make your case.
  • Guide you through every step with explanations and empathy.
  • Bring your claim to the best resolution possible.

A solicitor sits at a table with a notebook and gavel explaining how to make lost device data breach claims.

Our panel can work on a No Win No Fee basis if you sign a Conditional Fee Agreement (CFA), under which you pay:

  • No upfront dues for your solicitor’s work.
  • No ongoing costs towards solicitor’s fees.
  • A legally capped percentage of your compensation is only deducted if you succeed. This is referred to as a ‘success fee’.
  • No service fees if unsuccessful.

Speak to our advisors now about lost device data breach claims. If you are eligible, they could connect you to one of the No Win No Fee solicitors from our panel.

More Useful Resources About Claiming Data Breach Compensation

Please make use of the following guide from our site:

Please also enjoy these resources from around the Internet:

Thank you for reading our guide on about lost device data breach claims.