Sweaty Betty data breach advice


News of the Sweaty Betty data breach hit the media last week where it has been confirmed that the retailer suffered a cyberattack that has led to the exposure of customer information.

Customers who placed an order either online or by telephone between Tuesday 19th November and Wednesday 27th November 2019 may have been affected. It’s understood that malicious code had been inserted into their e-commerce system where data processed through it has been copied and therefore exposed.

If you have been affected by this incident as a resident in England or Wales, you can speak to our team today for free, no-obligation advice.

Information exposed in the Sweaty Betty data breach

It’s understood that information that may have been exposed in the Sweaty Betty data breach incident includes customers’:

  • Names;
  • Postal address;
  • Email addresses;
  • Telephone numbers;
  • Passwords;
  • Payment card numbers, CVV numbers and expiration dates.

The company’s understood to be contacting victims to let them know that they have been affected. If you used the service during the above breach period, you may need to prepare for the worst. In the hands of criminals, this data could lead to incidents of theft and fraud.

A familiar incident

The Sweaty Betty data breach appears to be rather familiar in terms of how it has happened. Malicious code being inserted into an e-commerce system is similar to what happened in two other breaches that we’re representing people for; the BA Group Action and the Ticketmaster cyber-attack.

The fact that these kinds of attacks have taken place should have acted as a warning for other organisations to make sure that their own systems are secure. On top of that, the introduction of the GDPR makes clear that punishments that can be issued by the ICO (Information Commissioner’s Office) can be severe, and the duty on data controllers is clear. When you consider these factors, we’re concerned as to how this latest attack has taken place.

Sweaty Betty has said that the incident stemmed from a “highly-sophisticated cyber security incident” and that they have taken steps to secure their site. We question why such steps have been taken after a breach has already taken place. Surely, this should have been done prior to an incident, but as we often see, reaction usually comes before prevention.

Free, no-obligation advice

If you have been affected by the Sweaty Betty data breach, our team are on-hand to be able to offer you free, no-obligation advice about your options for compensation.

You may be entitled to claim for any distress that has been caused from the loss of control of your personal data. You may also be able to claim if you have suffered any financial losses, but you don’t have to have suffered actual losses in order to claim.

We may also be able to represent you for a legal case on a No Win, No Fee basis.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.

Request a Callback from our team!

Fill out our quick call back form below and we’ll contact you when you’re ready to talk to us.
All fields marked * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.