BBC News reports that the U.K.'s South Central Ambulance Service (SCAS) accidentally leaked the age, sexuality and religion of its entire staff of 2,826 employees as of October 2013 (h/t Infosecurity).
The data was mistakenly attached to a report on the SCAS website.
The U.K. Information Commissioner's Office (ICO) alerted SCAS to the breach on April 24, 2014, and the data was immediately removed.
"All affected individuals, including current and past members of staff, were informed of this breach in a personal letter from the chief executive officer," SCAS said in a statement. "We have undertaken a thorough review of all our published information on the website -- over 2,000 documents -- and we can confirm that this was the only document affected."https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
SCAS has been cooperating with the ICO since the breach was discovered, and says it has drafted an action plan to minimize the risk of such an incident occurring again.