Security

Morrisons Appeals Insider Breach Compensation Ruling

UK supermarket giant Morrisons is in the Court of Appeal this week fighting to have overturned a judgement that it should compensate employees after a major insider data leak.

A High Court judge ruled last year that the company was “vicariously liable” for the actions of one of its employees, former internal auditor Andrew Skelton, who published the personal details of 100,000 employees online and sent them to several newspapers.

The leaked data included NI numbers, birth dates and bank account details, and Skelton was eventually jailed for eight years back in 2015.

Morrisons argued at the time that it had already paid around £2m to mitigate the breach. However, it was also awarded £170,000 in compensation, while employees got nothing.

In the UK’s first class action lawsuit, over 5000 of these employees subsequently took the supermarket chain to court, demanding compensation for the “upset and distress” caused by disgruntled insider Skelton’s actions.

The retailer’s lawyers are arguing this week that their client cannot be held “vicariously liable” because the Data Protection Act 1998 — the legislation in place at the time of the incident — excludes vicarious liability.

Representing the claimants, JMW Solicitors data privacy specialist, Nick McAleenan, argued that Morrisons is looking to protect its £374m annual profits rather than recognize the impact of the breach on its employees.

“This is a classic David and Goliath case — the victims here are shelf-stackers, checkout staff and factory workers; just ordinary people doing their jobs,” he reportedly said.

“They were obligated to hand over sensitive financial and personal information to Morrisons — including national insurance numbers, dates of birth and bank account details — and had every right to expect that information to be kept confidential.”

Articles You May Like

UK’s Magical Mushroom Company uses Mycelium to replace plastic packaging
FCC Commissioner writes to Apple and Google about removing TikTok
Do back offices mean backdoors?
Ransomware Suspected in Wiltshire Farm Foods Attack
Firefox 102 fixes address bar spoofing security hole (and helps with Follina!)

Leave a Reply

Your email address will not be published.