Npower App Data Breach Claims

Portrait of Robert Godfrey
Robert Godfrey
Partner, Head of Professional Negligence and Dispute Resolution

Energy provider Npower has taken down its app after being caught in a personal data breach attack, causing customers’ personal data to be exposed.

Npower are owned by E.ON, one of the largest energy suppliers in the UK, providing gas and electricity to over 500,000 customers across the country.

While it’s not yet known how many customers have been affected by the personal data breach, Npower have decided to remove the app for good, something they’d been planning to do already. In response to the data breach, Npower say they’ve “contacted all affected customers to make them aware of the issue” and “immediately locked” their accounts.

If you’re an Npower customer, and you’ve been told your personal data might be affected by this breach, you may be eligible to make a GDPR Data Breach Claim for compensation. Get in touch with our Data Breach Solicitors for a free initial chat and we’ll be happy to advise you.

We can often deal with Data Breach Claims on a No Win, No Fee basis – just ask us for details.

How Were Customers Affected?

According to MoneySavingExpert, who were the first to report the data breach, both personal and financial customer data was exposed, including:

  • Personal details such as names, birth dates and addresses
  • Financial information including sort codes and partial bank account numbers
  • Contact preference details i.e. whether customers wanted to be contacted by email or phone

While Npower haven’t disclosed exactly when the attack happened, MoneySavingExpert found an email from Npower dating 2nd February, warning customers that their accounts had been locked because of third party access.

Npower told the BBC that hackers accessed customer accounts by “using login data stolen from another website”, which is known as “credential stuffing.” They have advised all customers to change their passwords on their Npower account, and any other accounts they’ve used that password for.

How Else Can I Protect My Data?

Even if you’ve not been contacted to say your personal data’s been affected, it’s still a good idea to take steps to protect your data if you’re an Npower customer.

You should:

  • Change your passwords for your Npower account and any other important accounts you may have the same password for – make sure you choose a strong password that’s different enough from your last one
  • Look out for suspicious activity on your bank accounts – if you notice any unusual transactions, contact your bank provider straight away
  • Watch out for dodgy emails and phone calls – cybercriminals can be very convincing when sending phishing emails or texts. Be aware of any suspicious requests for personal or bank details, and don’t click any links if you’re unsure. Remember, your bank will never ask for your bank details over the phone or by email

Making a GDPR Data Breach Claim

We’ve helped many people make a claim for compensation after their personal data was breached, whether this was by a small, private company or a larger organisation such as a bank or charity.

If you’re worried that your personal data’s been affected by the Npower data breach, get in touch with our expert Data Breach Solicitors for free initial legal advice. We can take a look at your case and see if you’ve got grounds for a GDPR data breach claim.

Contact our Cyber Security Solicitors For a Free Case Assessment

We're happy to help

Monday to Friday 8:30am-7:00pm

0808 239 9426

0808 239 9426

We're happy to call you

Simply click below to arrange the assessment

Request a Free Case Assessment

Request a Callback

This data will only be used by Simpson Millar in accordance with our Privacy Policy for processing your query and for no other purpose

Simpson Millar Solicitors are a national law firm with over 500 staff and offices in Billingham, Bristol, Cardiff, Catterick, Lancaster, Leeds, Liverpool, London and Manchester.