Legal help for data breach compensation claims

LOQBOX cyberattack – one year on

Start Your Claim Today!

Your privacy is extremely important to us. Read how we handle your data in our Privacy Policy

In early March last year, it was revealed that LOQBOX, a UK financial services company, had been hit by a cyberattack. In the fallout, it emerged that the LOQBOX cyberattack had exposed customer data, so we began early investigations into the circumstances and consequences of the data breach.

Although news of the breach broke over a year ago, those affected still have time to make a compensation claim for any harm that they have suffered. If LOQBOX is found to have endangered customer information due to poor data protection practices, there must be repercussions.

To find out if you might have a claim to make, you can call us today or request a call-back using our online form.

What happened in the LOQBOX cyberattack?

In statements made following the breach, LOQBOX confirmed that a cyberattack had hit their systems in late February 2020, which they became aware of only shortly after.

It was stated that the customer information exposed included:

  • customers’ names;
  • home addresses;
  • phone numbers;
  • dates of birth;
  • payment details, including partially redacted credit card numbers, card expiry dates, sort codes, and two digits from bank account numbers.

It was unclear how many customers were affected, but the scope of the information listed made the breach a clear cause for concern. Although the payment information was only partial, fraudsters could use the exposed information to manipulate victims in scams, asking them to hand over further personal details in order to execute fraud.

A worrying element about the LOQBOX cyberattack was that victims were not alerted to it until over a week after it was identified by LOQBOX. This meant that criminals could have already been targeting unsuspecting victims over this period.

Can I claim compensation for the LOQBOX cyberattack?

In our view, LOQBOX’s statement suggests that their systems were not fully secure before the breach happened:

We constantly monitor our systems but have now taken further steps to improve the defences of the LOQBOX computer system.”

If, as we suspect, it emerges that LOQBOX had not done enough to prevent this cyberattack and, therefore, did not protect information sufficiently, victims may be eligible to claim compensation for the harm they have suffered.

Any substandard cybersecurity defences, if this applies, could put LOQBOX in breach of the GDPR. This is the key data protection law that can allow victims to claim compensation for their involvement in a data breach.

Whether victims of the LOQBOX cyberattack have suffered the effects of fraud or not, they could be eligible to recover compensation regardless. This is because the law can allow you to claim for either financial loss or distress, or both. All you need is confirmation from LOQBOX that you were involved in the breach and we may be able to help you.

Start your claim now

If you were affected by the LOQBOX cyberattack, we suggest that you get your claim underway as soon as possible, to avoid missing any potential deadlines that may be set in the future.

Our confidence in LOQBOX claims is such that we are able to take cases forward on a No Win, No Fee basis. This means that, subject to your compliance with the terms of our agreement, we can write off our legal fees in the event that the case is unsuccessful.

No one should have to suffer the consequences of a data breach, so contact us today to claim for the justice you deserve. 

IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.

Request a call back from our team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.


150 competition regulator data breaches
Compensation for identity theft