morrisons trolley

Morrisons has forked out £200,000 to staff affected by the data security breach caused by a former internal auditor now serving an eight-year prison sentence.

It comes as more than 2,000 Morrisons employees prepare to sue the retailer through JMW Solicitors over the security breach.

The personal details of almost 100,000 members of staff, including bank, salary and National Insurance details, were posted online by Andrew Skelton in March 2014. Skelton was jailed for the breach in July.

“We have made it clear to our staff, if they’ve incurred costs we will guarantee they are not worse off,” a Morrisons spokesman said this week. “Some staff have incurred costs like changing back accounts.”

However, he stressed Morrisons would contest the group legal action, which is thought to be Britain’s biggest-ever action over a data security breach. Morrisons was not accepting liability “for the actions of a rogue individual”, he said.

The spokesman also added “we can confirm we are not aware of anybody suffering a financial loss from this breach.”

But Nick McAleenan, a solicitor at JMW, said employers had a duty to look after their staff’s ­personal details.

“That is especially important given that most companies now gather and manage such material digitally.

“My clients’ position is that Morrisons failed to prevent a data leak which exposed tens of thousands of its employees to the real risk of identity theft and potential loss. In particular, they are worried about the possibility of money being taken from their bank accounts and - in the case of younger clients - negative consequences for their credit rating.”

More employees could join the group action in the next four months, McAleenan added.