Exchange Chambers builds data breach practice

January 24, 2019

Exchange Chambers has continued to develop its data breach practice with a range of high-profile instructions.

Louis Browne QC and Ian Whitehurst from Exchange Chambers have been instructed by Hayes Connor Solicitors to advise on a potential group action against Ticketmaster after a significant data breach.

The breach is believed to have affected the payment and personal details of customers who either bought, or attempted to buy, tickets via Ticketmaster between February and June this year.

Also instructed by Hayes Connor, Ian Whitehurst is advising on a group action to help victims of the Equifax data hack.

The group action is being initiated after Equifax was fined £500,000 by the Information Commissioner’s Office (ICO).

The ICO’s investigation was carried out under the Data Protection Act 1998 rather than the current General Data Protection Regulation (GDPR), and the £500,000 fine is the maximum allowed under the previous legislation.

The fine follows a 2017 cybersecurity incident which led to the loss of UK customer data held by Equifax Ltd on the servers of its US parent. Following the data breach, it was revealed that Equifax’s failure to patch a server flaw resulted in hackers potentially stealing 143 million US citizens’ data, and the personal details of up to 15 million Brits. This sensitive information included email addresses, passwords, driving license numbers and phone numbers.

Ian Whitehurst is also instructed by Hayes Connor to advise on a group action to help victims of the latest Dixons Carphone data hack to claim compensation.

In other data-related instructions, Ian Whitehurst has been instructed by BLM to advise a company on a new business model and its compliance with GDPR.  He has also been instructed, via direct access, to represent a telecommunications marketing company in the Regulatory Chamber (Information Rights Tribunal) and by a national company via their in-house legal department on an appeal to the same Tribunal to protect economic and commercial sensitive documentation being disclosed into the public domain.