Bounty data breach compensation advice


We have taken No Win, No Fee claims for compensation forward for victims of the Bounty data breach after the ICO issued a significant fine of £400,000.00.

The fine from the ICO (Information Commissioner’s Office) was issued in accordance with the previous rules before GDPR came into force in May 2018. Victims of the incident may be entitled to make a claim for data breach compensation, and we have already been contacted for help.

Our lawyers are fighting for justice in dozens of different data breach actions. This is on top of the individual cases we help people with as well. If you need advice, we can help you on a free and no-obligation basis.

About the Bounty data breach

The Bounty data breach incident centres around a failure to obtain proper consent from users of the website to have their data shared for marketing purposes.

Some 34 million records for approximately 14 million individuals were shared with 39 third-parties, and this includes credit-referencing agency Equifax and telecoms giant Sky. Information was also shared with marketing agencies Acxiom and Indicia.

The data was shared between 1st June 2017 and 30th April 2018, although some was only shared until 9th January 2018. The ICO started looking into Bounty because they identified them as one of the biggest suppliers in the data broking industry. That’s when they discovered that information being shared with third-parties had been done so without proper consent.

Findings in the Bounty data breach investigation

The Bounty data breach investigations found that a wealth of personal information was being shared.

This included:

  • Names;
  • Postal addresses;
  • Email addresses;
  • Birth dates and due dates for infants;
  • Gender data;
  • Information about the pregnancy status of users.

The ICO said that their actions were “plainly deliberate”. They also said that this was an “unprecedented” incident with regards to the number of people affected in terms of the investigations into data broking behaviour.

How is this a data breach?

The ICO ruled that Bounty failed to acquire informed consent from users that their information would be shared with specific third-parties for marketing purposes. The names of the third-parties were not made clear, and some of the privacy notices were provided to users after data had already been collected.

The ICO have classed this as a serious contravention of vital data protection laws. That’s why the punishment issued to Bounty has been severe.

Claiming compensation

You may be eligible to make a claim for compensation if you are a victim of the Bounty data breach issues. We may be able to offer you No Win, No Fee representation, which we have already offered to the people we’re acting for already.

IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.

Request a Callback from our team!

Fill out our quick call back form below and we’ll contact you when you’re ready to talk to us.
All fields marked * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.