THE PROBLEMSOLVING LAWYERS

Standing up for the rights of victims of personal data theft

The Service

Blackbaud is one of the largest suppliers of specialist software to educational establishments and charities in the UK.

In May 2020 Blackbaud suffered a ransomware attack that involved user data being copied from a server in the period between 7 February 2020 and 20 May 2020 (“the Breach Period”) and several databases for the educational establishments and charities (“the Organisation(s)”) which they serve were affected.

As a Data Controller, Blackbaud is obliged to ensure your personal data are processed adequately, in accordance with the General Data Protection Regulation (GDPR). This includes making sure that your personal information is protected against accidental loss.

If a Data Controller fails to comply with the GDPR, any person who suffers material damage (financial loss) or non-material damage (e.g. distress) as a result of their failure has the right to receive compensation.

The Court of Appeal confirmed in the case of Lloyd v Google that simple “loss of control” is also a type of damage caused by a data breach, for which an individual can be compensated. This ruling is currently being considered by the Supreme Court. If the ruling is upheld, it will be far easier for an individual to make a successful claim for compensation.

We conduct claims on a no-win no-fee basis. If your claim is successful, we will seek to recover our costs from the defendant and we may deduct any shortfall from your award of damages, up to a maximum of 25%.

If you have suffered financial loss, or distress, because of your data having been lost or stolen during the data breach, you could be eligible to make a claim for compensation.

The reviews and appeals process is a one-chance only to correct inaccurate grades.

The process requires an understanding of the TAGs process and available grounds.

The process is time critical.

Why use Claimsmiths?

Claimsmiths are a team of specialist lawyers. We operate in a fast-paced environment, giving expert advice precisely when it is needed. We combine key legal expertise with commercial nous and strategic thinking.

We stand up for the rights of consumers, advise victims of personal data theft, and much more besides.

Data Breach Claims are a new and developing area of law and Claimsmiths are well positioned with a dedicated team that includes a recognised expert in data protection and information rights.

Our team is made up of litigators able to analyse evidence and apply the law and guidance. Our sound strategic offering and litigation expertise allow us to provide the best advice for our clients.

FAQ

I have not received an email advising me of the data breach? Can I still make a claim?

Just because you have not received notification of the data breach, this does not mean your personal data were not copied during the ransomware attack. Not all organisations notify their members of data breaches in the manner required by law. If you were a member of one of the listed organisations during the Breach Period, it is likely your personal data were affected by the ransomware attack.

Will the claim affect my ongoing membership with the Organisation?

Reassuringly, the claim is more likely to be pursued against Blackbaud as the defendant rather than the Organisation and as such will not affect any ongoing relationship you have with them.

What if I was not a member of the Organisation until after the Breach Period?

It is unlikely you will be able to bring a claim. If the Organisation did not hold your personal data during the Breach Period, they could not have been copied during the ransomware attack.

What if I am no longer a member of the Organisation?

The fact you are no longer a member of the Organisation should have no impact on your ability to bring a claim. If you were a member during the Breach Period, it is likely your personal data were copied during the ransomware attack.

How do I evidence my claim for compensation?

You will need to provide evidence that you were a member of the Organisation during the Breach Period. Ideally you will have correspondence from Blackbaud or the Organisation advising you of the data breach, although as detailed above this should not be strictly necessary (see FAQ “I have not received an email advising me of the data breach? Can I still make a claim?”).

Can you guarantee I will receive compensation for the data breach?

As with any legal claim we are unable to guarantee success. However, the law surrounding data breach claims is clear. For the defendant to successfully defend the claim they would need to be able to demonstrate the “loss of control” of your personal data was not their fault and/or was entirely unavoidable.

How long will the claim take to resolve?

The defendant will have 28 days to respond to a formal Letter of Claim, which sets out your case in detail. Given that the law on data breach claims is very clear, it would be in the defendant’s best interests to settle the claim quickly and avoid litigation. In the event the defendant fails to settle the claim, and you need to issue proceedings, the time to resolution will inevitably increase. In these circumstances you would be provided with a more detailed timescale.

Do you offer the service on a no-win no-fee basis?

Yes, we conduct the claims on a no-win no-fee basis. If your claim is successful, we will seek to recover our costs from the defendant and we may deduct any shortfall from your award of damages, up to a maximum of 25%.

Is there any upfront cost to me?

No, by entering into a no-win no-fee agreement there are no up-front costs involved.

Do you offer this service in Scotland or Northern Ireland?

No, we only provide legal services in England & Wales.

CHECK ELIGIBILITY?

Are you, or have you been a member of or student at any of the following:

National Trust
Crisis
Shelter
Sue Ryder
Action on Addiction
Breast Cancer Now
Maddabi GB
Myeloma UK
The Urology Foundation
Young Minds
MS Trust
StopItNow
The Donkey Sanctuary
Manchester Foundation Trust
Autistica
Leeds International Piano Competition
Boaz Trust
Overthewall
ACS International Schools
Radley College
St Albans School, Hertfordshire
Stonyhurst College
University of Aberdeen
Aberystwyth University
University of Birmingham
Birmingham City University
Brasenose College, Oxford
University of Bristol
Brunel University, London
Cumbria University
De Montfort University
University of Durham,
University of East Anglia

University of Exeter
St Aloysius’ College
University of Glasgow
Goodenough College
Sheffield Hallam University
Heriot-Watt University
Hughes Hall College, Cambridge
University of Kent,
King’s College London
University of Leeds,
University of Liverpool
University of London,
Loughborough University
Magdalene College, Cambridge
University of Manchester,
Edinburgh Napier
University of Newcastle
University of Northampton
Oxford Brookes University
University of Reading,
Robert Gordon University
Selwyn College, Cambridge
University of South Wales
St John’s College, Cambridge
Staffordshire University
University of Strathclyde
University of Sussex
University College, Oxford
University of West London
University of York
Northumbria University
Somerville College, Oxford
University of Oxford
The Labour Party

YES

NO

Have you received an email from the relevant organisation to inform you that your account may have been subject to a data breach?

YES

NO

Have you previously been declared bankrupt or are you subject to an IVA?

YES

NO

I'M SORRY YOU'RE NOT ELIGIBLE

YOU MAY BE ELIGIBLE TO CLAIM COMPENSATION AS A RESULT OF THE DATA BREACH

Continue below to begin claim process.

START CLAIM

Claimsmiths is a trading name of Brandsmiths S.L. Limited which is authorised by the Solicitors Regulatory Authority, SRA No: 620298. Founding Partner: Adam Morallee
Privacy and Cookie Policy | Terms and Conditions | Complaint Procedure | Site by: Elate Global