Reading:
Windrush data breach forces rule change
Share:
Home Office data breaches government data breach leak

Data Leak Lawyers - Begin Your Data Breach Claim Today!

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Windrush data breach forces rule change

The Windrush data breach incident that happened on 7th April 2019 has forced changes to be adopted by the Home Office following the leak of information surrounding the compensation scheme.

Earlier this month, mass emails were sent out to people taking part in the Windrush compensation scheme, as well as other interested parties. Emails were reportedly sent out in batches of 100, and the first five batches are understood to have resulted in a data breach. Yet again, this was another case where recipients of the email could see each other’s information.

This kind of incident has happened so many times before, and it triggered one of the more severe compensation actions we’re involved ion; the 56 Dean Street Clinic leak. Changes are now set to be made.

What is the Windrush data breach incident?

The Windrush data breach incident took place on 7th April 2019 when batches of emails were sent out to people taking part in the compensation scheme, as well as to other interested parties. The emails were sent to the recipients, but the recipient list was visible to all recipients receiving the email.

That meant that hundreds of people could see others who are involved in the Windrush compensation scheme. Rather than using a professional email platform that prevents this, or instead of using the BCC function, the leak occurred.

Changes following the Windrush data breach

The Windrush data breach incident has forced changes from the Home Office, as well as the usual regularity responses.

The ICO (Information Commissioner’s Office) has been informed, and Immigration Minster Caroline Nokes said that they apologise unreservedly for what has been classed as an “administrative error”.

She also said that:

“As a further immediate step, we have put in place strict controls on the use of bulk emails when communicating with members of the public to ensure this does not happen again as lessons are learned.”

A reactive approach

Ultimately, it’s too late for the recipients of the Windrush compensation scheme email who were affected by the data breach.

The information has been leaked, and the damage has been done.

What we’re seeing here is the common reactive approach to a data breach incident. No one can ignore the fact that this exact kind of breach has happened before, and the government has been at the centre of it. This is not a new kind of incident, and there should already have been measures in place to prevent such a breach.

Lessons may be learned in the aftermath of the Windrush data breach, but this was a preventable incident that’s a repeat of incidents that have happened many times before.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy
SRA
Contact
www.dataleaklawyers.co.uk is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon