Data and securityCyber SecurityCouncil apologises for data breach

Council apologises for data breach

Internal spreadsheet shared accidentally

Newcastle City Council has confirmed that a data protection breach has taken place and has issued the following statement:

On 15 June 2017, an employee in the council’s adoption team accidentally attached an internal spreadsheet to emails inviting adoptive parents to the council’s annual adoption summer party. The email and attachment were sent to 77 people. This attachment contained personal details relating to 2,743 individuals, comprising current and former adoptees, parents and social workers who had been involved with these families. The spreadsheet included personal information such as names, addresses and the birthdates of the adopted children.

The council was deeply concerned to learn of this breach. A thorough investigation was carried out into how this happened. A series of measures have been put in place to contain the breach, minimise potential distress to those affected and ensure that such breaches cannot happen in the future. These measures include:

  • contacting the 77 people who were sent the email requesting they delete the information to avoid it circulating further
  • putting in place a process to contact as many of those affected as possible by phone and letter
  • setting up a helpline and related counselling services to assist anyone with concerns
  • informing relevant regulators
  • commencing a review of data protection across the council and running refresher training courses for all staff with access to sensitive information
  • instigating a broader review of policies to ensure that no such breach can take place in the future.

The council apologises for any worry and concern this incident may have caused. We encourage anyone who thinks they may have been affected to get in contact via the dedicated helpline.

Director of People, Ewen Weir, said: “I am truly sorry for the distress caused to all those affected. We will work closely with the affected families and individuals to support them at this trying time. The council takes data protection and confidentiality very seriously and has acted swiftly to understand what happened and who has been affected. This breach appears to have been caused by human error and a failure to follow established procedures. We are conducting a thorough review of our processes to identify what changes we can make to ensure that this never happens again.”

Related Articles

Housing associations collaborate around cyber awareness

Cyber Security Housing associations collaborate around cyber awareness

16h Austin Clark
Six top security and risk management trends revealed

Cyber Security Six top security and risk management trends revealed

1w Austin Clark
DDoS Defence Demands a Hybrid Approach

Cyber Security DDoS Defence Demands a Hybrid Approach

2w Guest Writer
NHS Digital joins forces with IBM to beef up NHS cyber security

Cyber Security NHS Digital joins forces with IBM to beef up NHS cyber security

3w Austin Clark
HMRC storing voice ID data 'without consent'

Cyber Security HMRC storing voice ID data 'without consent'

3w Austin Clark
Government’s rapid cloud adoption lacks security (Infographic)

Cloud Computing Government’s rapid cloud adoption lacks security (Infographic)

1m Austin Clark
Combatting the cyber security skills crisis: Retraining could help public sector digital transformation

Cyber Security Combatting the cyber security skills crisis: Retraining could help public sector digital transformation

1m Guest Writer
The need for a strategic approach to cyber security purchasing

Cyber Security The need for a strategic approach to cyber security purchasing

2m Guest Writer