Reading:
Bounty data breach leads to huge ICO fine
Share:
mum

Bounty data breach leads to huge ICO fine

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

The Information Commissioner’s Office (ICO) has issued a fine of £400,000.00 having concluded their investigations into the significant Bounty data breach.

We’ve already been contacted for help and taken claims for data breach compensation forward on a No Win, No Fee basis since news of the fine broke in the media. As many as 14 million individuals may have had their personal data shared, including new mothers and infants by extension.

The ICO has established that Bounty failed to properly inform users that their data would be shared for marketing purposes. The findings also confirmed that no one was able to give proper and informed consent as well.

About the Bounty data breach

The Bounty data breach has seen some 34 million personal records shared for around 14 million individuals to 39 third-parties. The third-parties included marketing agencies Acxiom and Indicia, as well as credit-referencing agency Equifax, and telecoms provider Sky.

Personal records were shared between 1st June 2017 and 30th April 2018, with some shared until 9th January 2018 depending on how the user signed-up to the service.

The breaches took place prior to the introduction of GDPR which is why the fine isn’t in the millions.

Information shared in the Bounty data breach

The ICO investigated Bounty having tagged them as one of the largest suppliers in the data broking industry they were looking at. Information that has been collected and possibly shared with third-parties in the Bounty data breach case includes:

  • Names;
  • Baby due dates;
  • Postal addresses;
  • Email addresses;
  • The pregnancy status of expecting mothers;
  • Birth dates;
  • Gender information.

In some cases, personal data was shared multiple times with the third-parties.

How has Bounty breached data protection laws?

Bounty has breached data protection laws because they failed to acquire informed consent from users for their information to be shared. They also failed to list the names of all of the companies they were sharing data with, and some of the privacy notices were reportedly issues after a user had already signed up (which is past the point of data collection when it ought to be relayed).

The finding by the ICO was that Bounty had processed data unfairly. The ICO labelled their actions as “plainly deliberate” and called this a “serious contravention”.

What can you do as a victim of the Bounty data breach?

If you were a victim of the Bounty data breach, you may be able to make a claim for data breach compensation. We can represent you on a No Win, No Fee basis, and we have already taken cases forward.

The Data Leak Lawyers are fighting for justice in over 25 different data breach actions. We’ve been helping people for years, and thousands have come to us for help.

Our initial advice is free and on a no-obligation basis.

We believe that there may be a case to answer. The ICO were highly critical of the incident, saying that this breach represented an “unprecedented number of affected data subjects in the history of the Commissioner’s investigations into data broking”.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.Information on how we handle your data is available in our Privacy Policy.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

SRA
Contact
www.dataleaklawyers.co.uk is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon