AA’s data breach: recovery may not be enough this time…
aa data breach

AA’s data breach: recovery may not be enough this time…

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Leading U.K. motoring company the AA is the latest to be involved in a data breach scandal that could end up crippling for customers.

AA President, Edmund King, finally confirmed they were informed of the potential vulnerability of the AA Shop data on 22nd April 2017.

The motoring company reportedly misled customers by denying they had any knowledge of the leak and tried to reassure customers that their information was very secure. Researchers weren’t convinced this was the case and so decided to dig deeper, and it has since transpired that AA knew about the vulnerability in their database systems back in April.

The motoring company reportedly told Motherboard that they had fixed the system on 25th April after it was only accessed ‘several times’. Since this ‘fix’, the information of more than 117,000 clients have been found online.

What information was leaked in the AA data breach?

The 13 gigabytes of leaked data included email addresses, purchase histories and full credit card payment information! The payment information even included the expiry dates and last 4 digits of the cards. This could easily allow cyber-hackers to utilise the information to create further damage.

Credit card information is notoriously sold on the black market/dark web. According to McAfee researchers, basic details for Visa, MasterCard, Amex, or Discover cards, which includes the card number and software generated information, can go for $25-$30 (£19-£23) in Europe. With AA exposing their customers’ full credit card information, cyber-hackers could have a field day. The huge database was published for a few days in April.

Motherboard confirmed the leaked information was legitimate after they spoke to some of the customers who were affected by the data breach.

No notification

The company has reportedly yet to contact or notify affected customers. What’s possibly even more surprising is the fact that AA reportedly denied that the leaked information was sensitive in nature. This is even with evidence showing to the contrary. It’s also a no-brainer that credit card information is considered as sensitive information. Who in the right mind wouldn’t think it was sensitive?

The motoring company said it investigated, sampled the data, and came to the conclusion that, because it had only been accessed a few times, it wasn’t considered as sensitive; consequently ending the investigation.

Mr King stated:

“…[we] would like to reassure our AA Shop customers that their payment details have not been compromised.”

Is he deluded? There is clear evidence to show that it has been compromised!!!

He also stated:

“We take any data issues incredibly seriously.”

The contradiction in this statement is incredible. He obviously hasn’t taken it that seriously or he would’ve alerted their customers about the data breach as soon as it happened. His words feel like just empty promises.

If you have been affected by this, we urge you to get in touch with our Data Leak Lawyers as soon as you can!

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.Information on how we handle your data is available in our Privacy Policy.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon