Up to 2,000 Morrisons staff – both past and present – are suing the supermarket giant in a group action triggered by last year’s data breach perpetrated by disgruntled senior IT auditor Andrew Skelton.
Skelton was handed an eight-year prison sentence in July after being found guilty of exposing the company’s 100,000-strong payroll database – including staff names, addresses and bank details – in revenge for being disciplined.
Bradford Crown Court had heard how Skelton had been incensed when bosses accused him of using the HQ mailroom to send what they claimed was legal highs. However, it transpired that he was simply receiving and posting goods he had bought and sold on eBay, but this was all too late as he had already done the deed by then.
Other Morrisons staff have been given four months to join the group claim, which is being spearheaded by JMW Solicitors.
The case is understood to be the UK’s biggest ever claim in relation to a breach of data.
JMW data privacy lawyer Nick McAleenan said: “Whenever employers are given personal details of their staff, they have a duty to look after them. That is especially important given that most companies now gather and manage such material digitally and, as a result, it can be accessed and distributed relatively easily if the information is not protected.”
Morrisons axes price match scheme
Retailers warned as loyalty plunges
Morrisons deal to woo web sales
Morrisons is bullshit, says ex-boss
Morrisons chief banged up for 8 years
Grudge sparked Morrisons breach
Staffer held over Morrisons breach