Credit report published online by estate agent
ftm247
Posts: 17 Forumite
Hi Everyone,
Looking for advice here, we recently listed out property with an estate agent (will not mention their name for now)
When they published our property on right move they accidentally published my partners credit report instead of the EPC so when people clicked on that it brought up her full credit report.
Luckily a good samaritan informed us that it was there after half a day of it being live so it was corrected.
Obviously the estate agent has breach data protection by doing this, does anyone know where we would stand with this legally and what we would be entitled to for this?
Thanks in advance!
Looking for advice here, we recently listed out property with an estate agent (will not mention their name for now)
When they published our property on right move they accidentally published my partners credit report instead of the EPC so when people clicked on that it brought up her full credit report.
Luckily a good samaritan informed us that it was there after half a day of it being live so it was corrected.
Obviously the estate agent has breach data protection by doing this, does anyone know where we would stand with this legally and what we would be entitled to for this?
Thanks in advance!
0
Comments
-
You should advise them of the breach.
You could pursue them for your losses. If you have none, you may get a small goodwill gesture.0 -
If you feel this has affected you detrimentally, then you are free to make a complaint to the ICO.
They have a range of powers from, warnings and reprimands, to monetary penalties :
https://www.nibusinessinfo.co.uk/content/gdpr-penalties-and-enforcementI’m a Forum Ambassador and I support the Forum Team on the Debt free wannabe, Credit file and ratings, and Bankruptcy and living with it boards. If you need any help on these boards, do let me know. Please note that Ambassadors are not moderators. Any posts you spot in breach of the Forum Rules should be reported via the report button, or by emailing forumteam@moneysavingexpert.com. All views are my own and not the official line of MoneySavingExpert.For free non-judgemental debt advice, contact either Stepchange, National Debtline, or CitizensAdviceBureaux.Link to SOA Calculator- https://www.stoozing.com/soa.php The "provit letter" is here-https://forums.moneysavingexpert.com/discussion/2607247/letter-when-you-know-nothing-about-about-the-debt-aka-prove-it-letter0 -
Good old days of an apology and a bunch of flowers and covering any actual losses are long gone it seems. An error, no provable loss but a demand for money they are "entitled" to...0
-
Hi Everyone,
Looking for advice here, we recently listed out property with an estate agent (will not mention their name for now)
When they published our property on right move they accidentally published my partners credit report instead of the EPC so when people clicked on that it brought up her full credit report.
Luckily a good samaritan informed us that it was there after half a day of it being live so it was corrected.
Obviously the estate agent has breach data protection by doing this, does anyone know where we would stand with this legally and what we would be entitled to for this?
Thanks in advance!
You would not be "entitled" to anything automatically, unless the breach was a direct cause of any financial loss, which I doubt, provided an estate agent's website is not a hub for fraudsters to reside. Anyone who may or may not have come across the document would most likely have not taken much notice of it.
The incident would need to be filed to the ICO, however the unnamed organization responsible can do it. The ICO would decide a course of action to take, which I doubt is necessary in this case.Advice provided from this account does not consist of any professional knowledge. For professional debt advice, please contact either National Debtline or StepChange. Advice may consist of personal experience, opinion and/or informational sources.0 -
It wasn't the estate agent website, it was right move itself.
Secondly the fact it put information like current amount left on our mortgage then it gave potential buyers the opportunity to see the financial position we were are in prior to selling and they may offer lower accordingly.
We are not out for what we are "entitled" to, in the end they have mishandled a credit report which contains pretty much all your financial and personal information. If you clearly don't think its that important feel free to send me yours and Ill put it out for the public to view and we will see how your opinion changes on the matter.
With GDPR I was trying to find it there was something that had now been agreed for when a company does something in a situation like this.0 -
They need reporting to ICO. Companies like this need to feel some financial pain and ICO will quite happily hand them a nice fine to remind them of their responsibilities.
It won't have been Rightmove who did it, they only post information that the estate agents give them and clicking on the link to the EPC would link to a PDF that the estate agent had uploaded.
You're not likely to get any financial compensation however it would be nice to think the estate agents felt a bit of pain.0 -
It wasn't the estate agent website, it was right move itself.
Secondly the fact it put information like current amount left on our mortgage then it gave potential buyers the opportunity to see the financial position we were are in prior to selling and they may offer lower accordingly.
We are not out for what we are "entitled" to, in the end they have mishandled a credit report which contains pretty much all your financial and personal information. If you clearly don't think its that important feel free to send me yours and Ill put it out for the public to view and we will see how your opinion changes on the matter.
With GDPR I was trying to find it there was something that had now been agreed for when a company does something in a situation like this.
I understand the distress and inconvenience it has caused you and I do not condone their mistake at all, however I was suggesting that the level of risk caused by the data breach was lower than if it was published somewhere on the internet where it would receive a higher level of unwanted attention to it, thus reducing the likelihood of someone using your information to commit fraud.
As I said, I am sure the entity responsible, whoever uploaded it, will file the incident with the ICO and if corrective action is necessary, it will be taken.
Although there has clearly been some negligence here, as the file should have been checked before upload, I doubt the ICO would fine them first time, unless they have done this before. The most likely outcome would be reviewing their internal procedures regarding data protection and handling, implementing measures to satisfy the ICO that it won't happen again.
Other than the above, there won't be any compensation or other direct remediation between you and the party responsible unless you sue them for damages or losses, which doesn't seem to have happened.Advice provided from this account does not consist of any professional knowledge. For professional debt advice, please contact either National Debtline or StepChange. Advice may consist of personal experience, opinion and/or informational sources.0 -
It hasn't happened yet, they did initially offer £100 as an apology, but they are going back to find out how many times the EPC was clicked prior to it being removed.0
-
It hasn't happened yet, they did initially offer £100 as an apology, but they are going back to find out how many times the EPC was clicked prior to it being removed.
Any appeasement you receive from them doesn't constitute a correction or resolution of their mistake. The GDPR introduces a duty on all organisations to report certain types of personal data breach to the relevant supervisory authority. They must do this within 72 hours of becoming aware of the breach, where feasible.
I do not see how the amount of times it was viewed is relevant to the amount of the appeasement they offer you, the fact remains that it was uploaded for public access. If their server stores logs, it may be useful in determining the scale of exposure, but that is about it.Advice provided from this account does not consist of any professional knowledge. For professional debt advice, please contact either National Debtline or StepChange. Advice may consist of personal experience, opinion and/or informational sources.0
This discussion has been closed.
Categories
- All Categories
- 343K Banking & Borrowing
- 250K Reduce Debt & Boost Income
- 449.6K Spending & Discounts
- 235.1K Work, Benefits & Business
- 607.7K Mortgages, Homes & Bills
- 173K Life & Family
- 247.7K Travel & Transport
- 1.5M Hobbies & Leisure
- 15.9K Discuss & Feedback
- 15.1K Coronavirus Support Boards