Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.
The Bristol council data breach incident that was reported last week is understood to have affected thousands of residents.
The incident was yet another case of an avoidable data breach that has been caused by what appears to be a simple error. We see these kinds of leaks all the time, and they’re not the first council to have committed a breach just like it.
One of the most severe data breach group actions we’re running stemmed from an incident that’s exactly the same as this one. The damage that can be caused from a simple email error that leads to a leak can be substantial. A large volume of the cases we deal with are for council data breach compensation claims. They really are awfully common.
It’s understood that the Bristol council data breach incident is another case of an email that was sent out using the CC function instead of the BCC function.
Ironically, the email that was sent was to notify people who had signed up to the Bristol Citizens’ Panel that their email address would be removed in accordance with GDPR. Instead of using the BCC function, the CC function was used. The result was that identities and contact information of those involved in the Panel have been leaked to each other.
This isn’t the first incident where an email that has been sent to be compliant with GDPR has subsequently breached GDPR by leaking the recipient list either. It’s basic stuff, but we see these kinds of breaches a lot. The 56 Dean Street Clinic leak remains, perhaps, the worst seen yet. We’ve been fighting for justice for victims of that leak since 2015.
The Bristol council data breach email resulted in complaints from some of the recipients. We understand that the “reply all” feature had been used to air concerns as well.
The council has confirmed that the email was sent in the way it was “in error” and has apologised for what has happened.
In response to the breach, the council said:
“We sincerely apologise for an email that was sent out in error earlier today. The email was sent to recipients with the email details in the ‘To:’ address field so these were visible to everyone who received the message. This was done in error and should not have happened. This has been reported to the city council’s data controller as a data breach.”
Your email address will be deleted from the Citizens’ Panel database and you will not be contacted again.”
A lot of the enquires we receive, and the cases we take on, are for council data breach compensation claims. Local authority leaks and breaches lead the way when it comes to the volumes of incidents that take place.
With the volume of personal and sensitive data that councils often hold, these kinds of incidents can be severe for the victims.
The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.