How JustAnswer Works:
  • Ask an Expert
    Experts are full of valuable knowledge and are ready to help with any question. Credentials confirmed by a Fortune 500 verification firm.
  • Get a Professional Answer
    Via email, text message, or notification as you wait on our site. Ask follow up questions if you need to.
  • Go back-and-forth until satisfied
    Rate the answer you receive.
Ask Ben Jones Your Own Question
Ben Jones
Ben Jones, UK Lawyer
Category: Law
Satisfied Customers: 77892
Experience:  Qualified Solicitor
29905560
Type Your Law Question Here...
Ben Jones is online now

The company which i worked for, recently had a data breach.

Customer Question

The company which i worked for, recently had a data breach. As a result, my personal details have been used to set up a fradulent company, with myself as the director.
JA: Have you discussed this with a manager or HR? Or with a lawyer?
Customer: The company is not assuming liability, and they are doing very little to support us.
JA: What is your employment status? Are you an employee, freelancer, consultant or contractor? Do you belong to a union?
Customer: HR is not being helpful. My current manager is aware but he has also been affected I have not yet spoken to a lawyer
JA: Is there anything else the Lawyer should know before I connect you? Rest assured that they'll be able to help you.
Customer: I no longer work for them, but i am emplyed
Submitted: 19 days ago.
Category: Law
Expert:  Ben Jones replied 19 days ago.
Hello, I’m Ben, a solicitor, and it’s my pleasure to assist you. I may ask for some preliminary information to help me determine the legal position.
Customer: replied 19 days ago.
What do you need to know?
Expert:  Ben Jones replied 19 days ago.

I understand your details have been used to set up a fraudulent company as a result of a data breach with your former employer. Please provide some more details of what exactly has happened?

Customer: replied 19 days ago.
Essentially, the company which i worked for, had a data leak. As a result of this, a fradulent company has been set up, with myself as the company director. Since then, the company has said that they are not assuming liability as it may have been a third party leak. They have yet to provide any proof of this. They have asked us to fill in and sign two forms, which i have sent. I will send you images of the forms.
Customer: replied 19 days ago.
File attached (V21M4L2)
Customer: replied 19 days ago.
File attached (2VM243L)
Expert:  Ben Jones replied 19 days ago.

Thank you, ***** ***** did you leave this employment please?

Customer: replied 19 days ago.
I did not leave their employment by my own choice. The company i work for, Bare minerals, was owned by Shiseido. However, the latter sold us to another company. Therefore our employment started with the new owners on the 6th December 2021. We ceased employment with Shiseido on the 5th December 2021
Expert:  Ben Jones replied 19 days ago.

OK I understand, and what would you like to ask about this please, so that I can best advise?

Customer: replied 19 days ago.
I need to know whether or not I have grounds for sueing them. And whether or not, this action can be done as a group, as there are many of us affected
Expert:  Ben Jones replied 19 days ago.

OK I understand and thank you for providing this information. Please do not worry and leave it with me for now. I will get back to you with my full reply on here; usually the same day. The system will notify you when this happens. Many thanks.

Customer: replied 19 days ago.
Thank you
Expert:  Ben Jones replied 19 days ago.

No problem at all. I will get back to you at the earliest opportunity. Many thanks

Expert:  Ben Jones replied 19 days ago.

Many thanks for your patience, it is appreciated. I am now pleased to be able to provide further assistance with your query. First of all, I am sorry to hear about the issues brought up by this. It must be a frustrating situation to be going through.

Whether you can sue the company which had the breach will very much depend on whether they were in some way negligent in allowing the breach to happen. All that would be required of them is to have had reasonable safeguards to protect against such a breach, but you have to bear in mind that even if they did and the breach still happened, that would not always make them liable. There has to be negligence on their part, or they would have had to know there was a specific risk of hacking their data, such as previous attempts, which were not adequately safeguarded going forward.

At this stage it is very difficult to say if you have a case or not as you need to establish how the breach happened and what the company did, or should have done, to protect itself from that in the first place. In the end, you are looking at negligence or lack of reasonable steps to reasonably protect their systems, which in turn led to the breach. Only then can you reasonably consider taking it further and potentially suing them, or reporting them to the Information Commissioner’s Office.

Expert:  Ben Jones replied 19 days ago.

Hopefully, I have answered your query in a way that is simple and easy to understand. If anything remains unclear, I will be more than happy to clarify it for you. In the meantime, thank you once again for using our services.

Customer: replied 19 days ago.
Thank you so much! This does help enormously. If I do find evidence of the above, I will be sure to inform you.
Expert:  Ben Jones replied 19 days ago.

You are most welcome. If you have any further questions about this, please do not hesitate to get back to me and I will be happy to help. All the best.