Morrisions in rogue employee data breach

Morrisons has been found liable for the actions of a former member of its staff who stole the data of thousands of employees and posted it online.

Workers have brought a claim against Morrisons after an employee stole personal data, including salary and bank details, amounting to almost 100,000 staff.

Due to ‘upset and distress’, The High Court has now allowed those affected to claim compensation.

Morrisons said it believed it should not have been held responsible and will be appealing against the decision.

He posted the information – including names, addresses, bank account details and salaries – online and and sent it to newspapers.

Skelton’s supposedly held grudge over an incident when he was accused of dealing so-called legal highs at work.

He was jailed for eight years in 2015 after being found guilty at Bradford Crown Court of fraud, securing unauthorised access to computer material and disclosing personal data.

Lawyers said the data theft meant 5,518 former and current employees were exposed to the risk of identity theft and potential financial loss and that the company was responsible for breaches of privacy, confidence and data protection laws.

Anya Proops, QC for Morrisons, said Skelton had already caused serious damage to the company and it had incurred more than £2m in costs in responding to the misuse.

She argued the extent to which an employer could be held liable for the criminal misuse of third-party data by an employee was of “huge importance” for individuals, businesses and organisations.

On the topic of data, businesses need to be aware of the changing data laws coming into affect early next year. You can find out more here.

Free family law consultation