The current and former employees want to be compensated for “upset and distress” caused by the incident, but Morrisons claims it is not liable.
However, the retail giant was awarded £170,000 in compensation for the leak at the time, while its staff got nothing, argued Jonathan Barnes, counsel for the 5518 employees.
“The judge was sure that the employees were victims too, and it is those victims who have received no compensation for their distress or loss of control of the situation,” he said, according to the BBC.
“We say that, having entrusted the information to Morrisons, we should now be compensated for the upset and distress caused by what we say was a failure to keep safe that information.”
Andrew Skelton was a senior internal auditor at the Morrisons head office in Bradford when he leaked the details of nearly 100,000 supermarket employees, a breach which is said to have cost the firm over £2m to mitigate.
The leaked data – which was posted online and sent to several newspapers in 2014 – included NI numbers, birth dates and bank account details.
These details would certainly be enough for internet scammers to attempt identity fraud or follow-on phishing attacks.
Skelton is serving eight years after being found guilty in 2015. The incident apparently stemmed from a grudge he harbored against his employer after he was cautioned for using the company’s mail room to sell legal highs on eBay.