Supreme Court allows Morrisons to appeal data breach verdict

Supreme Court allows Morrisons to appeal data breach verdict

Supreme Court allows Morrisons to appeal data breach verdict

The Supreme Court of the United Kingdom has allowed supermarket chain Morrisons to file an appeal against the Court of Appeal verdict that found Morrisons responsible for a 2014 data breach which affected more than 100,000 employees.

The Supreme Court’s decision to allow Morrisons to appeal comes as a major boost for the supermarket chain as the Court of Appeal had, in October last year, refused to grant permission for the same.

In December 2017, the High Court in Leeds found Morrisons vicariously liable for the 2014 data breach that involved Andrew Skelton, an internal auditor at Morrisons’ Bradford office, leaking personal and financial information of nearly 10,000 internal staff on the web.

The High Court was approached by 5,518 current and former staff at Morrisons who demanded compensation from the supermarket chain for the distress they suffered following the data breach. The breach had compromised names, NI numbers, birth dates and bank account details of nearly 10,000 current and former Morrisons staff.

Skelton was sentenced to 8 years after being found guilty of leaking personal details of Morrisons employees, and Morrisons was also awarded £170,000 in compensation by the court.

“We say that, having entrusted the information to Morrisons, we should now be compensated for the upset and distress caused by what we say was a failure to keep safe that information,” said Jonathan Barnes, counsel for the employees.

Major boost for Morrisons

Following the High Court’s ruling, Morrisons said it will appeal the ruling it had incurred significant expenses to minimise the damage caused by the breach. The supermarket chain will now be able to present its side of the story to Supreme Court judges and hope for a favourable verdict.

If the Supreme Court rules in favour of the supermarket chain, then its decision will serve as a precedent in cases where organisations are held vicariously liable for the acts committed by malicious insiders.

Commenting on the Supreme Court’s decision to allow Morrisons to appeal against the decision of the Court of Appeal, Nick McAleenan of JMW Solicitors who represents the affected employees, said that he remains hopeful that his clients’ right to a legal recourse will be respected.

“While the decision to grant permission for a further appeal is of course disappointing for the Claimants, we have every confidence that the right verdict will, once again, be reached – it cannot be right that there should be no legal recourse where employee information is handed in good faith to one of the largest companies in the UK and then leaked on such a large scale.

“This was a very serious data breach which affected more than 100,000 Morrisons’ employees – they were obliged to hand over sensitive personal and financial information and had every right to expect it to remain confidential. Instead, they were caused upset and distress by the copying and uploading of the information,” he added.

Copyright Lyonsdown Limited 2021

Top Articles

RockYou2021 data leak: 8.4 billion passwords compromised

A report shows that 100GB of data which includes 8.4 billion passwords have been recently leaked on the internet, people are being encouraged to secure their accounts.

Hackers Breach Electronic Arts & Steal Game Code

Electronic Arts, one of the world's biggest video game publishers including games such as FIFA, Madden, Sims and Medal of Honor, are the latest company to be hacked.

JBS Foods paid £7.7m in ransom to REvil ransomware gang

JBS Foods, the world’s largest processor of beef and poultry products, has admitted to paying a ransom of $11 million to cyber criminals, a week after it announced that operations…

Related Articles

[s2Member-Login login_redirect=”” /]