Morrisons’ staff to sue retailer over payroll leak
Thousands of Morrisons’ employees are to sue the supermarket giant in what is believed to be Britain’s biggest ever claim in relation to a breach of data security.
It follows the posting on the internet of the bank, salary and National Insurance details of almost 100,000 members of staff by a former colleague with a grudge.
Andrew Skelton was jailed for eight years in July following a trial at Bradford Crown Court which heard that he sent the information to newspapers and placed it on data sharing websites.
Skelton, who worked as a senior internal auditor at Morrisons’ Bradford head office, had previously been suspected of dealing controlled drugs at work.
More than 2,000 of his ex-colleagues are now to pursue a group claim against the retailer following a hearing before Senior Master Barbara Fontaine at the Queen’s Bench Division of the High Court in London.
Nick McAleenan, a Data Privacy lawyer at JMW Solicitors, said there will be a four-month period in which other Morrisons’ employees who were affected could join the group action.
He added that the case had important implications for “every employee and every employer” in the country.
“Whenever employers are given personal details of their staff, they have a duty to look after them.
That is especially important given that most companies now gather and manage such material digitally and, as a result, it can be accessed and distributed relatively easily if the information is not protected.
My clients’ position is that Morrisons failed to prevent a data leak which exposed tens of thousands of its employees to the very real risk of identity theft and potential loss.
In particular, they are worried about the possibility of money being taken from their bank accounts and – in the case of younger clients – negative consequences for their credit rating.”
Skelton’s trial was told that he took Morrisons’ payroll information and then leaked the details of 99,998 employees after being disciplined for a previous incident in which he was accused of using the company’s mailroom to ship parcels to his private eBay customers.
McAleenan said the claim to be filed by his clients would allege that Morrisons was ultimately responsible for breaches of privacy, confidence and data protection law.
He added: “I expect that we may well see other employees who might have been dissuaded from making a claim on their own deciding to join with their colleagues because of the group momentum which has now been established