FOLLOWING THE 19 March LIVE UK revelation that a law firm was planning to launch legal action against Ticketmaster (TM) over its data breach last June, a High Court action claiming £5 million in damages has now been filed.
Widnes-based Hayes Connor Solicitors (HCS) is claiming reparations for more than 619 clients it says have suffered fraud attempts on their accounts following the data hack.
HCS says a further 106 people have also contacted the firm with possible claims.
“Significant numbers of clients suffered fraudulent activity as result of this breach,” HCS MD Kingsley Hayes tells LIVE UK. “These comprised both attempted and actual frauds for transactions worth many thousands of pounds.
“Some clients were on holidays and had their cards cancelled [by the bank], so they had no funds while they were away. Others had to deal with the outcomes of identity theft at short notice, which is a massive issue for someone to deal with.
“A group of clients within this action are vulnerable and became very anxious, requiring psychological help as result of fraud attempts, spam emails and calls.”
Live Nation Entertainment-owned TM admitted last year that up to 40,000 people may have been affected by the theft of personal ID and credit card details (see LIVE UK issue 222).
The court case is likely to hinge on when TM discovered the data breach and how quickly it reacted once aware of it. HCS alleges that TM failed to notify customers until two months after it was alerted to irregularities by digital bank Monzo.
However, HCS says TM is unwilling to reveal technical information while government’s data watchdog the Information Commissioner’s Office (ICO) is continuing its investigation into the breach.
“The court can make its decision without the ICO findings, so we are pressing ahead to obtain information which can lead to a ruling in the court,” says Hayes.
He adds that claimants will be grouped into up to six categories, with a separate case for each category, and that anyone affected can still seek compensation, pointing out that this will be the first multiple-claimant data breach claim to be dealt with under recent GDPR legislation.
The ICO says it does not comment on ongoing investigations and could not provide an end date to its inquiry, while TM declined to comment.