Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.
Leicester City Council accidentally sent an unsecured spreadsheet to 27 taxi firms that reportedly contained sensitive details of potentially thousands of vulnerable adults and children.
The error occurred as the local government authority were processing tenders for transport of people in care and people with special needs.
Although a recall email was sent, there is no telling just how far the data may have inadvertently spread.
The issue with accidental data leaks of this nature is that its hard to really know how far the data will end up going. The more recipients there are, arguably, the greater the risk. The type of recipients may also dictate the level of risk. If an email is sent to individuals as opposed to companies, the risks can be higher.
But, there is one other major thing that is often forgotten, and that’s whether the recipient has adequate cybersecurity, or whether their account is already compromised by hackers. Data protection breaches and hacks are happening all the time, and its known that cyber criminals will retain information until it can be used. To put this into a relatable example, if one of the taxi firms’ email addresses has already been compromised, and a cybercriminal hears about the council breach in the news, they could get hold of the information.
This train of thought is not ‘wild or outlandish’; it’s the simple reality of how fast data can spread.
An investigation into the Leicester City Council breach has been initiated, with Councillor Ross Grant saying the news made him feel “sick in my stomach”. Some of the data reportedly belonged to vulnerable persons, including children who are said to be at risk of harm from others. It only takes one person to receive the email who may have a malicious agenda to do some serious damage.
Data protection breaches involving the sensitive and personal details for vulnerable adults and children can often cause a lot of distress for victims and their families. Safeguarding such data is of paramount importance and handling such data should be done with care and with security in mind.
This isn’t the first – and probably won’t be the last – someone working for an organisation like a local council accidentally discloses information to the wrong people by simply sending an erroneous email. Local authorities hold a wealth of personal and sensitive data about people, and they need to make sure it’s handled with appropriate care.
A spokesperson for Leicester City Council said:
“Information would normally be shared with taxi companies on a much more limited basis. We take data protection and confidentiality very seriously and took immediate action, contacting all of the firms and asking them to delete the information. We are investigating and will report this incident to the Information Commissioner’s Office.”
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020