Data Breach, GDPR &
Cybercrime Claims

Hold organisations to account for failing to uphold
your data privacy rights. 

Our data breach, GDPR & cybercrime actions

Too many companies are falling short when it comes to data security, and this is making it easier for online criminals. Furthermore, as a direct result of poor data security processes and a lack of training, privacy violations because of human error are causing considerable distress and harm.

The theft and/or misuse of your personal data can cause loss, embarrassment, and feelings of violation. And you have a legal right to hold the guilty party to account.

Even if an organisation has suffered a cyberattack leading to a data breach, if it was negligent in safeguarding your data, it must be held liable.

With significant experience in this area, at Keller Postman UK, we help people make successful data breach claims against companies that have failed in their data protection responsibilities.

man using phone and holding credit card

Group Action Data Breach Claims

At Keller Postman UK, our data breach team has the legal expertise and resources necessary to take on the corporate giants and win. Find out more about our current data breach group actions and why there is strength in our numbers.

worried man sat at his desk with head in hands

Individual Data Breach Claims

If you are the victim of a data breach – often where you are the only person affected – your case might not make the headlines, but the experience can be devastating.  Our expert lawyers help clients make successful personal data breach claims across a vast range of sectors.

GDPR Data Rights

Data protection matters, and at Keller Postman UK, we make sure our clients are compensated for any GDPR violations that impact their legal rights. Our expert data rights lawyers help clients make a wide range of successful GDPR claims – including automated decision-making violations and facial recognition infringements.

Ransomware criminal in hoodie looking at computer tablet.

Cybercrime Claims

Too many companies are falling short when it comes to data security, and this is making it easier for online criminals to exploit your data. We are helping clients to make cybercrime claims against companies that have failed in their data protection responsibilities.

Why join a Keller Postman UK action to claim compensation?

Hold organisations to account for failing to uphold your legal rights.

Receive financial recompense for any losses or harm suffered.


Force organisations to implement robust data protection processes and procedures.

Why use Keller Postman UK to make a claim?

We are one of the most experienced multi-claimant legal firms in England and Wales.

Our legal team represents tens of thousands of workers and consumers across England & Wales.

We act for clients who deserve to win, and we do everything we can to ensure that they do.

We have all the resources and expertise necessary to take on complicated cases and win.

We are never afraid of a fight and are ready to take on large, deep-pocket defendants that other law firms shy away from.

From specialist barristers to expert lawyers, we always make sure you get the best possible legal support.

We have offices in Chancery Lane London, Birmingham and Liverpool, and the technology to provide a nationwide service, so we can help clients across England & Wales.

We combine expertise and technology to streamline the legal process and deliver an efficient, hassle-free experience to our clients.

We don't take on a case unless we believe we can win, and we are so confident in this that our clients don't pay us a penny unless we succeed*.

Your questions answered

See our answers to the FAQs we get asked about data breach and cybercrime claims.

Anyone who has had their personal information put at risk because an organisation has not protected their data in the way it is legally obliged can claim data breach or cybercrime compensation.

 To find out if you can make a data breach or cybercrime compensation claim contact us for a free evaluation of your case.

If you have already contacted the ICO about a breach, we can still help you to make a claim. In fact, we use the evidence uncovered in ICO investigations to support your case.

Anyone who has had their personal data exposed or put at risk can make a compensation claim. This includes customers, former customers, employees and former employees.

Under the GDPR, organisations MUST tell you if they have breached your personal data. If you suspect your data has been breached and you haven’t heard from the company in question, you should report this to the ICO.

If you are told that you are involved in a data breach, or if you hear that a company has suffered a data breach and are worried you might be affected, you should contact us to see if you are entitled to make a compensation claim. You should also note your version of events ASAP, including the impact on you. This could provide valuable evidence in court.

In some group action cases, there will also be deadlines set by the court to join a case. With strict time limits in place, it’s important to act now.


Each case is different. We always keep you updated, so you know what is happening and what to expect.

Any organisation can be held accountable for a data breach if they have not protected your data in the way they are legally required to do.

The Information Commissioner’s Office (ICO) is the UK’s independent data privacy regulator. It investigates data breaches and fines organisations who fail to meet the requirements of the Data Protection Act. You have the right to ask the ICO to assess an organisation if you think it is guilty of a breach. The ICO does not award compensation, but you can use evidence uncovered by the ICO to support a data protection compensation claim.


No, the ICO does not award compensation to data breach victims.

You do not need to have suffered any financial loss or emotional distress to make a claim. If you have suffered a privacy violation caused by an organisation breaching any part of the Data Protection Act, you have a right to claim compensation.


There are no guidelines about how much compensation you can be awarded for a claim under the Data Protection Act. If you do go to court, it is up to the judge to consider all the circumstances, including the seriousness of the breach and the impact on you.

You can claim for financial losses, emotional distress, and the failure to protect your data.

You are entitled to claim for any losses you can link directly to the breach of data. For example, has your card been used without permission or are there any transactions on your bank statement that you haven’t made? Let us know about any losses, and we will include them in your claim. You can do this at any time up to the point of settlement, but you should let us know as soon as you are aware of any such loss.


If the data breach has caused you stress or anxiety, then yes you can.

The General Data Protection Regulation (GDPR) is an EU law on data protection and privacy. It was introduced to bring data protection standards up to date in an increasingly digital and data-driven age. Despite Brexit, all UK organisations must comply with the GDPR. In the UK, the Data Protection Act 2018 (DPA) is the UK’s interpretation of the GDPR.

In the UK, the Data Protection Act 2018 (DPA) is the UK’s interpretation of the GDPR.

A data breach refers to any situation where data has been put at risk. For example, when criminals break into an organisation’s systems to steal information, or more commonly, because of simple human error and poor data protection processes.

But GDPR violations are not just about data breaches. A GDPR failure can happen when companies fail to uphold individual data rights in several other ways.

Find out more about making a claim
with Keller Postman UK

With years of experience working in commercial litigation and a genuine understanding of the inner workings of large defendants, our knowledge of the business world sets us apart from the usual group action law firm.