PwC research shows that data breaches in 2016 doubled from previous year
data breach report

PwC research shows that data breaches in 2016 doubled from previous year

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Companies and organisations have a responsibility to keep data safe and secure in accordance with the Data Protection Act (DPA). Should they fail to do so, the U.K.’s privacy watchdog, the Information Commissioner’s Office (ICO), can impose penalties accordingly.

Breaches are growing. We cover this concept a lot, because there appears to be no stopping the growth of leaks, hacks, and breaches. New research has shown data breaches have doubled on the previous year. It just seems to be getting worse and worse…

The DPA was enacted to protect an individual’s data. Such individuals are known as a “data subject”. This is achieved by placing responsibilities on companies and organisations; known as the “data controllers”. A data controller can be an individual so long as they’re processing data.


If companies and organisations are processing data, they must ensure that it complies with the DPA. If they fail to do so, the ICO can impose enforcement actions which could include prosecution and monetary penalties.

The ICO has a general duty to investigate complaints from members of the public who believe that a company or organisation has failed to deal with data correctly.

TalkTalk data breach

The maximum penalty the ICO can impose is £500,000; an amount often reserved for the most serious breaches of data protection principles. In October 2016, the ICO issued a record fine of 400,000 to telecommunications company TalkTalk. In this case, they found that TalkTalk could’ve prevented the October 2015 cyberattack if they had been better prepared. The cyberattacker managed to access 156,959 customer details, and in 15,656 cases, banking details were accessed.

PwC research

New PwC research revealed that U.K. firms were hit with breach-related regulatory fines that have been amongst the highest in Europe. This could be seen as a more stringent approach to companies and organisations’ lax attitude to cybersecurity in the U.K. when compared to our continental neighbours. On the other hand, it could indicate we’re falling short when it comes to proper data protection.

PwC research showed there were 35 U.K. data breaches in 2016 which totalled £3,245,500. This is almost double from the year before, where there were 18 data breaches amounting to £2,031,250.

So, do the above statistics show the U.K. are more stringent on protecting data? Or does it show we’re not as well prepared as others?

Either way, the growing trends of data breaches remains a significant concern.


If you thought those fines were big, wait until you see what happens with the introduction of the EU General Data Protection Regulations (GDPR). The GDPR is set to be enforced on 25th May 2018 where, in a nutshell, companies and organisations will face larger fines if they don’t comply with the law.

Under the new regulations, companies and organisations could be fined up to 4% of their annual global turnover, or £16.9 million; whichever is the largest amount. The fines can be imposed regardless of what type of breach has happened; whether it’s a cyberattack or human error, which are two of the most common breaches.

The silver-lining of this is that companies and organisations have the power to prevent or at least be readily prepared for these breaches. They just have to sort it out and make sure they do!

The shifting focus on protecting data

The introduction of the GDPR shows a sharp focus on the attention of protecting data. Matt Hancock, culture and digital minister, reiterates this by stating:

“The upcoming GDPR will be key to ensuring strong organisational data protection regimes supported by strong cybersecurity.”

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.Information on how we handle your data is available in our Privacy Policy.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon