Morrisons granted Supreme Court appeal over data breach

Bradford-headquartered Big Four supermarket Morrisons has been granted permission to appeal to the Supreme Court following a data breach that affected 100,000 employees.

In October, the retailer lost its appeal against the High Court’s ruling that had found it legally responsible for the huge data breach.

But the supermarket then applied for permission to appeal the case to the Supreme Court, which has now been granted.

The decision comes as part of the long running case connected with the data breach. It was in December 2017 that Morrisons was found liable for the actions of a former member of its staff who stole the data of thousands of employees and posted it online.

More than 5,500 staff brought a claim against the company after internal auditor Andrew Skelton stole the data, including salary, National Insurance and bank details, of nearly 100,000 staff. Skelton was jailed for eight years in 2015 after being found guilty at Bradford Crown Court of fraud.

Around 1,000 claimants in Yorkshire and seeking compensation from the supermarket over the breach of data security in 2014. The case was the first data leak class action in the UK.

Nick McAleenan, a Partner and data privacy law specialist at JMW Solicitors, is representing the Claimants. He said: “While the decision to grant permission for a further appeal is of course disappointing for the Claimants, we have every confidence that the right verdict will, once again, be reached – it cannot be right that there should be no legal recourse where employee information is handed in good faith to one of the largest companies in the UK and then leaked on such a large scale.

“This was a very serious data breach which affected more than 100,000 Morrisons’ employees – they were obliged to hand over sensitive personal and financial information and had every right to expect it to remain confidential. Instead, they were caused upset and distress by the copying and uploading of the information.”