Newcastle City Council Leaks Data of Thousands of Adopted Children

Newcastle City Council has suffered a data protection breach, after an employee attached the information of 2743 individuals to an e-mail inviting adoptive parents to a summer party.

The council said that the blunder took place on June 15 2017, when a member of its adoption team accidentally attached an internal spreadsheet to the e-mail about the council’s annual adoption summer party.

The e-mail, along with the attachment, was sent to 77 people. It contained information on individuals including current and former adoptees in addition to parents and social workers who had been involved with these families. The data itself included personal information such as names, addresses and the dates of birth of the adopted children.

The council said it was “deeply concerned” to learn of this breach and claimed that a thorough investigation was carried out into how it happened. It added that a series of measures had been put in place to contain the breach, minimize potential distress to those affected and ensure that something like this would not happen again.

The measures included contacting the 77 people who were sent the email requesting that they delete the information, and contacting as many of those affected as possible by phone and letter.

A helpline and related counselling services have been set up to assist people with concerns.

The council has also informed the Information Commissioner’s Office, and has commenced a review of data protection across the council. It claimed that it would run refresher training courses for all staff with access to sensitive information.

“This breach appears to have been caused by human error and a failure to follow established procedures,” said Newcastle City Council’s director of people, Ewen Weir.

“We are conducting a thorough review of our processes to identify what changes we can make to ensure that this never happens again”, he added.

Anyone involved with Newcastle’s Adoption Service who has concerns can call the council’s dedicated helpline on 0191 211 5562 for further information.

What’s Hot on Infosecurity Magazine?